An ex-government of Canada official pleaded guilty in a US court to crimes related to data theft stemming from his involvement with the NetWalker ransomware group.
Sebastien Vachon-Desjardins admitted on Tuesday that he had planned to commit bank fraud and phishing scams, intentionally damaged a protected computer, and also sent another demand regarding that illegally damaged computer.
Plea agreement filled
Vachon-Desjardins, 34, who had previously been sentenced to six years and eight months in prison after entering a guilty plea to five criminal offenses in Canada, was deported to the United States in March.
Vachon-Desjardins is "one of the most prolific NetWalker Ransomware affiliates," as per his plea agreement, and was in charge of extorting millions of dollars from several businesses all over the world. Along with 21 laptops, smartphones, game consoles, and other technological devices, he will also forfeit $21.5 million.
He has pleaded guilty to conspiracy to commit computer fraud, conspiracy to commit wire fraud, intentionally harming a protected computer, and conveying a demand related to intentionally damaging a protected computer, according to a court filing submitted this week. The accusations carry a maximum punishment of 40 years in jail combined. The attorneys did not identify the targeted business, but they did indicate that it is based in Tampa and was assaulted on May 1, 2020.
NetWalker gang's collapse
In 2019, a ransomware-as-a-service operation called NetWalker first surfaced. It is thought that the malware's creators are based in Russia. Its standard procedure – a profitable strategy also known as double extortion, includes acquiring sensitive personal data, encrypting it, and then holding it hostage in exchange for cryptocurrencies, or risk having the material exposed online.
According to reports, the NetWalker gang intentionally targeted the healthcare industry during the COVID-19 pandemic to take advantage of the global disaster. To work for other RaaS groups like Sodinokibi (REvil), Suncrypt, and Ragnarlocker, Vachon-Desjardins is suspected of being connected to at least 91 attacks since April 2020 in his capacity as one of the 100 affiliates for the NetWalker gang.
The Feds dismantled the crime gangs' servers and the dark website is used to contact ransomware victims as part of the takedown of the NetWalker gang. Then they took down Vachons-Desjardins, who, according to the FBI, made $27 million for the NetWalker gang.
His role in cybercrime is said to have included gathering information on victims, managing the servers hosting tools for reconnaissance, privilege escalation, data theft, as well as running accounts that posted the stolen data on the data leak site and collecting payments following a successful attack.
However, some victims did pay fees, and the plea deal connected Vachons-Desjardins to the successful extortion of roughly 1,864 Bitcoin in ransom payments, or about $21.5 million, from multiple businesses around the world.