A former Canadian government employee accused of carrying out dozens of ransomware attacks has been extradited to the United States, with more than $28 million in bitcoins seized in connection with the case.
Sébastien Vachon-Desjardins, who worked as an IT consultant for Public Works and Government Services in Canada, according to his LinkedIn profile, was extradited to the United States on Wednesday, where he will face multiple charges related to his alleged participation in the group. NetWalker ransomware. , the US Department of Justice announced this week.
NetWalker, also known as “Mailto”, is a prolific ransomware-as-a-service (RaaS) operation that engages affiliates to deploy ransomware in exchange for a share of the ransom payment. The group first surfaced in 2019 and has since been linked to several high-profile attacks. In June 2020, the group targeted the University of California, San Francisco, which paid a ransom of over $1 million. Three months later, NetWalker hit Cygilant, a cyberthreat startup.
The RaaS operation also targeted Argentina’s immigration agency, Pakistan’s largest private power utility and, at the height of the COVID-19 pandemic, a number of hospitals and agencies responsible for of law enforcement. Between August 2019 and January 2021, ransomware attacks involving NetWalker generated $46 million in ransom payments, according to cryptocurrency analysis company Chainalysis.
Vachon-Desjardins was arrested by Canadian police in January 2021 as part of an international law enforcement campaign targeting ransomware group NetWalker. During a search of his home in Quebec, officers found 719 bitcoins, valued at around $28.1 million at the time of this writing, and $790,000 in Canadian currency. Authorities in the United States and Belgium have also grabbed the dark web used by NetWalker to publish stolen data to victims.
At the time, Vachon-Desjardins was sentenced by a Canadian court to seven years in prison after pleading guilty to five counts related to theft of computer data, extortion, payment of ransoms in cryptocurrency. and participation in the activities of a criminal organization.
With Vachon-Desjardins now in the United States, he faces other charges that accuse him of conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer and transmission of a request in connection with damage to a protected computer.
If found guilty, he could be required to give up more than $27 million for his involvement in the NetWalker ransomware gang.
“As the seizure of cryptocurrency by our Canadian partners illustrates, we will use all legally available avenues to pursue the seizure and confiscation of suspected ransomware proceeds, whether located domestically or abroad,” said Assistant Attorney General Kenneth Polite Jr. “The department will not stop pursuing and seizing cryptocurrency ransoms, thwarting ransomware actors’ attempts to evade law enforcement through the use virtual currency.
News of Vachon-Desjardins’ extradition comes just days after a member of ransomware group REvil was arrested and extradited to Texas to face US charges for his alleged involvement in the Kaseya hack.