On Thursday, the U.S. Department of Justice announced the unsealing of a criminal complaint against Mikhail Vasiliev, a Russian and Canadian national, for his involvement in the LockBit global ransomware campaign. According to the Department’s press release, Vasiliev was arrested in Ontario, Canada and is awaiting extradition to the United States on charges of conspiracy to intentionally damage protected computers and to transmit ransom demands.
The complaint explained that LockBit is one of the most destructive ransomware variants in the world and first appeared around January 2020. Like other ransomware, the malware encrypts data stored on a victim’s computer system, blocking the user from accessing it and/or transmitting data to a remote computer with victims typically obligated to pay a ransom to meet hacker demands.
Since its first deployment, LockBit has had up to 1,000 victims globally, with the malware’s creators pocketing at least $100 million in ransom demands, the DOJ said.
This week’s arrest comes after two and a half years of a coordinated investigation by the cybercrime arms of several federal law enforcement agencies. The complaint said that Vasiliev’s involvement was confirmed after Canadian officials searched his Bradford, Ontario home in August 2022 and found an electronic file containing a list of what appeared to be either prospective or historical cybercrime victims as well as incriminating text messages and LockBit source code.
A second search in October yielded evidence that linked Vasiliev to a bitcoin ransom payment made by a LockBit victim. If convicted, Vasiliev could face up to five years in prison.