REvil hacker Yevgeniy Polyanin on the FBI wanted list

On Monday, November 8, 2021, the United States Department of Justice announced charges against two foreign nationals: Russian Yevgeniy Polyanin and Ukrainian Yaroslav Vasinskyi. They reportedly deployed Sodinokibi/REvil ransomware to attack government entities and businesses in the United States.

REvil hacker appeared on the FBI wanted list

According to the indictment, Yevgeniy Polyanin, 28, a Russian national, conducted Sodinokibi/REvil ransomware attacks against multiple victims, including government entities and businesses in Texas, on or about Aug. 16, 2019. The Department also announced the seizure of $6.1 million in funds traceable to alleged ransom payments received by Yevgeniy Polyanin. Meanwhile, FBI authorities say the hacker is probably hiding in Barnaul, Russia.

The other charged individual, Yaroslav Vasinskyi, 22, a Ukrainian national, reportedly conducted ransomware attacks against numerous victims as well. The best known of these is the July 2021 attack against Kaseya, a multinational information technology software company. Vasinskyi is currently held by Polish authorities in connection with his requested extradition to the United States.

Hackers conducted large scale ransomware attacks

Vasinskyi and Polyanin are charged in separate indictments with conspiracy to commit fraud and related activity in connection with computers, substantive counts of damage to protected computers, and conspiracy to commit money laundering. If convicted of all counts, they face maximum penalties of 115 and 145 years in prison, respectively.

“Polyanin’s ransomware attacks affected numerous companies and entities across the United States, including law enforcement agencies and municipalities throughout the State of Texas. Polyanin ultimately extorted approximately $13 million from his victims,” Attorney General Garland said in his remarks as delivered.

After deploying Sodinokibi/REvil, the defendants left victims a note demanding a ransom payment. If a victim refused to pay, they threatened to publish the stolen data or sell it to third parties. If the hackers received the demanded money, they would provide the victim with the decryption key.

The FBI’s Dallas and Jackson Field Offices are leading the investigation. The operation was conducted in close cooperation with Europol and Eurojust. Romania’s National Police and the Directorate for Investigating Organised Crime and Terrorism; the Dutch National Police; and Poland’s National Prosecutor’s Office, Border Guard, Internal Security Agency, and Ministry of Justice, along with other jurisdictions, contributed greatly to the case.

Denis Dubnikov detention in connection with Yevgeniy Polyanin

Pavel Vrublevsky, a contributor to Russian Forbes, shared tweets concerning Polyanin. He writes that Polyanin must have used Denis Dubnikov's EGGCash-Coyotes, and he links this to Dubnikov's arrest in the Netherlands this month.

In short, Denis Dubnikov, 29, co-founder of several crypto projects, such as EGGCHANGE and Coyote Crypto, was detained in Amsterdam. His business is allegedly connected to cryptocurrency theft beginning in 2018. Part of the criminal operations was conducted through his services, according to media reports.

About Andy

Cybersecurity journalist from Montreal, Canada. Studied communication sciences at Universite de Montreal. I was not sure if a journalist job is what I want to do in my life, but in conjunction with technical sciences, it is exactly what I like to do. My job is to catch the most current trends in the cybersecurity world and help people to deal with malware they have on their PCs.
