LockBit administrator sentenced to almost four years in prison after guilty plea

Avatar

An administrator for the LockBit ransomware gang has been sentenced to four years in prison after pleading guilty to eight charges in a Canadian court last month.

Mikhail Vasiliev, a 34-year-old Canadian-Russian dual national, has been in legal peril since he was first arrested in October 2022 at his home in Bradford, Ontario, as part of an international operation involving European, U.S. and Canadian authorities. He has faced charges from both the U.S. Department of Justice and Canadian authorities since his arrest. 

On Tuesday, Justice Michelle Fuerst handed down an almost four-year sentence to Vasiliev, calling him a “cyber terrorist” who was “motivated by his own greed,” during a hearing in Orillia, Canada. Vasiliev’s lawyer, Louis Strezos, told CTV News that the hacker “took responsibility for his actions” and only became involved in cybercrime during the COVID-19 pandemic.

Vasiliev pled guilty to eight charges involving cyber extortion, weapons possession and more. The charges related to ransomware attacks launched against three Canadian companies in 2021 and 2022. In addition to the prison sentence, he has also been ordered to pay $860,000 in restitution to his victims. 

CTV News also reported that Vasiliev has also consented to being extradited to the U.S. — where he is facing several charges unsealed in a New Jersey court in 2022 for his role in LockBit.

The U.S. charges include  conspiracy to intentionally damage protected computers and to transmit ransom demands. He faces a maximum sentence of five years in prison if convicted. 

He is one of only two LockBit suspects known, by name, to be in law enforcement custody.  Ruslan Astamirov is awaiting trial in the U.S. on charges filed last June related to deploying LockBit against victims in Florida, Kenya, France and Japan.

He was released on bail last year but rearrested in December after violating the conditions of his parole. 

Last month, an international law enforcement operation brought down the ransomware gang’s infrastructure and identified hundreds of affiliates involved in the group. The U.S. Justice Department also unsealed indictments of Russian nationals Artur Sungatov and Ivan Kondratiev — an infamous hacker also known as Bassterlord.

Two arrests in Ukraine and Poland were announced as part of the rollout of the takedown, but police did not reveal the identities of those detained.

LockBit was the most prolific ransomware operation in the world before its takedown, launching thousands of attacks against governments, businesses and organizations in dozens of countries. 

The gang offered its ransomware as a service, providing its platform to customers for a fee since 2019. Researchers at Recorded Future attributed nearly 2,300 attacks to this threat actor. The group received more than $120 million in ransom payments since it began operating

The gang has tried to give the illusion that it is still operating, posting data stolen from organizations before the law enforcement takedown

CybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Demystifying a Common Cybersecurity Myth

Next Post

Russian-Swedish national behind $400 million crypto mixer convicted of money laundering

Related Posts

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion

The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their
Avatar
Read More