Yaroslav Vasinskyi, a Ukrainian national who was arrested in Poland last month, is accused of deploying ransomware known as REvil, which has been used in hacks that have cost US firms millions of dollars. Vasinskyi conducted a ransomware attack over the Fourth of July weekend on Florida-based software firm Kaseya that infected up to 1,500 businesses around the world, according to an indictment unsealed Monday.
Vasinskyi and another alleged REvil operative, Russian national Yevgeniy Polyanin, are charged with conspiracy to commit fraud and conspiracy to commit money laundering, among other charges. As part of the investigation, authorities seized at least $6 million in funds allegedly linked to ransom payments received by Polyanin, US officials said.
CNN was first to report on the law enforcement actions before the Justice Department announcement.
The law enforcement bust is one of the most impactful actions yet in the Biden administration’s multipronged fight against ransomware, which accelerated after a series of hacks hampered US critical infrastructure firms this year. While some ransomware groups have continued to breach US companies and demand payment, others have gone quiet in recent months.
Attorney General Merrick Garland said at a press conference that the US and its allies would do “everything in our power” to track down ransomware operatives and claw back the money “they have stolen from the American people.”
Vasinskyi, 22, is being held in Poland pending US extradition proceedings, while Polyanin, 28, remains at large. CyberScoop, first