An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to charges of cyber extortion and weapons charges.
34-year-old Mikhail Vasiliev, who has dual Russian and Canadian nationality, was arrested in 2022 as part of a multinational law enforcement investigation into LockBit that started in March 2020.
According to media reports, Vasiliev admitted targeting organisations, encrypting their data, and demanding over $100 million for the LockBit gang.
Canadian police raided Vasiliev’s home in Bradford, Ontario, in August 2022, finding a list on his computer of past and prospective targets, including details of a New Jersey firm hit by LockBit in late 2021.
Investigators also discovered on Vasiliev’s PC other evidence of his closeness to the LockBit ransomware gang: malicious source code, images of usernames and passwords, and screenshots of end-to-end encrypted conversations between Vasiliev and LockBit’s mysterious administrator, LockBitSupp, discussing the extortion of victims.
On a later search, in October 2022, officers said they had discovered Vasiliev say in his garage, looking at his computer. According to investigators, they managed to stop Vasiliev from locking his PC and noticed that it appeared to be connected to a LockBit control panel.
At trial, Vasiliev’s lawyer argued that financial difficulties during the COVID-19 pandemic had pushed his client towards cybercrime. The judge, however, rejected the justification and described Vasiliev as a “cyber terrorist” who was motivated by greed.
Vasiliev has also been ordered to pay $860,000 in restitution to his Canadian victims in addition to his prison sentence. He also faces extradition to the United States to face further charges related to the LockBit ransomware attacks.
LockBit has attempted to extort money from many firms in recent years. One notable target was Accenture in August 2021. The gang allegedly stole six terabytes of data and demanded a $50 million ransom from the IT and consulting giant. Other victims include the UK’s Merseyrail railway and German autoparts giant Continental.
Last month, law enforcement agencies disrupted LockBit’s infrastructure and offered a $15 million reward for information on the cybercrime group’s leaders.
Despite LockBit’s attempts to still depict itself as a major player in the world of ransomware, it appears that coordinated action by law enforcement is paying off and weakening the gang.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.