A LockBit Ransomware operator, a Russian national has been detained by Canadian police

A dual Russian and Canadian national is accused of taking part in the LockBit worldwide ransomware attack in a criminal complaint unsealed today in the District of New Jersey. A ransomware strain called LockBit initially surfaced in or around January 2020. It has developed into one of the most destructive and aggressive ransomware versions worldwide. LockBit has been used against at least 1,000 victims in the United States and other countries since it first appeared. Members of LockBit have demanded at least $100 million in ransom and have received actual payments totaling tens of millions of dollars from their victims. The LockBit plot has been under investigation by the FBI since March 2020 or thereabouts.

Mikhail Vasiliev, 33, of Bradford, Ontario, Canada, is being held in Canadian jail as he waits to be extradited to the US. Vasiliev reportedly took part in the LockBit campaign, per court filings. He is accused of conspiring to send ransom demands and purposefully harm protected systems. He might spend up to five years in jail if found guilty. After taking into account the U.S. Sentencing Guidelines and other legal considerations, a federal district court judge will decide on any punishment.

Vasiliev is accused of conspiring to send ransom demands and purposefully harm protected systems. He might spend up to five years behind bars.

According to Europol, two of the suspect’s friends were apprehended in Ukraine in October 2021.

At the time, the law enforcement agency said that owing to operational constraints, it was unable to identify the ransomware organization to which they belonged.

Although the suspect is referred to the investigators as a “operator,” he may simply be an affiliate since operators provide the infrastructure and software used in their operations, thus his arrest may not have a significant effect on the LockBit operation.

One of the most recent victims listed on the website of the cybercrime gang, the LockBit ransomware organization, is the German auto parts manufacturer Continental.

In August, Continental acknowledged that it had been the subject of a hack, but it withheld other details.

After apparent failure in discussions with the business, the LockBit group is now asserting that it has stolen 40 Gb of data from the latter and is now proposing to sell it for $50 million. According to Deputy Attorney General Lisa O. Monaco, “this arrest is the culmination of more than two and a half years of investigation into the LockBit ransomware gang, which has harmed victims in the United States and throughout the world.” Additionally, it is the outcome of the more than ten years of expertise that FBI agents, Justice Department prosecutors, and our foreign partners have accumulated in eliminating cyber threats. Let this serve as yet another reminder to ransomware developers that the Department of Justice will keep thwarting online threats and holding offenders accountable in collaboration with partners across the world. We will employ every weapon at our disposal, together with our allies, to stop, dissuade, and punish cybercriminals. According to FBI Deputy Director Paul Abbate, “yesterday’s successful arrest underscores our capacity to continue and apply persistent pressure against our adversaries.” “The FBI’s tenacious investigation efforts, in close conjunction with our federal and foreign partners, underscore our commitment to utilize all of our resources to guarantee we safeguard the American public from these transnational cyberthreat actors,” said Deputy Director James Comey.