US charges NetWalker ransomware affiliate, seizes ransom payments
The U.S. Justice Department announced today the disruption of the NetWalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks.
Earlier today, BleepingComputer reported that law enforcement in the U.S. and Bulgaria seized NetWalker sites on the dark web used for leaking data from non-paying victims and for negotiating payments for data decryption.
In a press release published minutes ago, the DOJ confirms the success of the takedown effort in cooperation with the Bulgarian National Investigation Service and General Directorate Combating Organized Crime.
UPDATE
Hot on the heels of the Emotet takedown announced Wednesday, the NetWalker ransomware has also been partially disrupted by an international police action.
The Department of Justice said Wednesday that it has brought charges “against a Canadian national in relation to NetWalker ransomware attacks,” while also seizing around $454,500 in cryptocurrency from ransom payments made by three separate victims.
The Canadian in question, Sebastien Vachon-Desjardins of Gatineau, is alleged to have raked in more than $27.6 million overall from NetWalker activities, as an affiliate to the operation. Affiliates partner with ransomware gangs in order to gain access to the malware, but they carry out the actual attacks themselves and pocket as much as 80 percent of the ransom in return.