[German]Law enforcement officials have now struck a blow against a member (or an affiliate, who obtains the ransomware in exchange for participation and uses it on his own account) of the Lockbit ransomware gang. A person with Russian-Canadian citizenship was arrested in Canada, accused of involvement in Lockbit ransomware gang operations. The arrest was preceded by operations in Ukraine.
Advertising
According to a Europol statement dated November 10, 2022, one of the world's most prolific ransomware operators had already been arrested in Ontario, Canada, on October 26, 2022. This was preceded by a complex investigation led by the French Gendarmerie Nationale with support from Europol, the U.S. Federal Bureau of Investigation (FBI), and the Canadian Royal Canadian Mounted Police (RCMP).
According to this document, the person arrested from Bradford, Ontario, Canada, is 33-year-old Mikhail Vasili, who holds both Russian and Canadian citizenship. The extradition of the suspect to the USA has been requested.
This arrest is the result of over two and a half years of investigation into the LockBit ransomware group that has harmed victims in the United States and around the world, law enforcement officials say. The 33-year-old defendant allegedly used the LockBit ransomware to carry out attacks against critical infrastructure and major industrial groups around the world. This involved extortionate ransom demands of between €5 million and €70 million. This arrest follows an [October 2021] operation in Ukraine that led to the arrest of two of his accomplices.
With the support of Europol, investigators from around the world have since worked closely together to identify the whereabouts of the main operator. This suspect was one of Europol's high-profile targets, having been involved in numerous high-profile ransomware cases.
Investigators from the French Gendarmerie, the U.S. FBI and Europol's European Cybercrime Center (EC3) were dispatched to Ontario to conduct joint investigative actions with Canadian law enforcement. The following items were seized from the suspect's residence:
Advertising
- 2 firearms
- 8 computers and 32 external hard drives
- EUR 400,000 in cryptocurrencies
The suspect will face trial in the United States after his extradition. This operation was carried out with financial support from the European Multidisciplinary Platform against Criminal Threats (EMPACT).
A ransomware report from threat intelligence firm Digital Shadows shows that in the third quarter of 2022, LockBit and its partners accounted for more than one-third of all ransomware attacks involving companies published on ransomware leak sites. Researchers attributed more than 200 victims to Lo
Bleeping Computer colleagues reported also here. According to a second article by the colleagues, members of a fraud ring have also been arrested in Ukraine, which has captured 200 million euros per year.
