A member of one of the most dangerous hacking groups has been arrested

A court in Ontario, Canada has sentenced Sebastien Vachon-Desjardins to seven years in prison after pleading guilty to participating as an affiliate in the dangerous NetWalker ransomware operation. The defendant reportedly pleaded guilty to five criminal charges, including data theft, extortion, conspiracy to commit fraud and illegal access to protected computer systems.

In addition to the time he must spend in prison, the accused must return a part of the damages caused by his attacks, accept the seizure of his property and spend a period of supervised release. Vachon-Desjardins would have been involved in at least 17 ransomware attacks, generating losses of about $2.8 million USD.

In 2020, Canadian authorities began receiving reports related to NetWalker’s activity, sent by the Federal Bureau of Investigation (FBI). Authorities in the U.S. believed there was a group affiliated with the ransomware operation working from Quebec. Thanks to the collection of IP addresses, online accounts, aliases, email addresses and logs from Apple, Google, Microsoft and Mega.nz, the researchers were able to identify Vachon-Desjardins.

The defendant was arrested in Florida a couple of months ago, when the U.S. Department of Justice (DOJ) released a report claiming that NetWalker’s unit in Canada managed to raise up to $27.5 million USD, targeting organizations such as Northwest Territories Power Corporation, College of Nurses of Ontario and a large local tire store.

Although the defendant claimed that about 1,200 Bitcoin passed through his electronic wallet, investigators have only been able to seize 720 cryptocurrencies from Vachon-Desjardins’ accounts, since the defendant managed to convert part of these assets into cash. During his arrest, Vachon-Desjardins had more than half a million dollars in cash in his possession.

For the authorities, this arrest and sentence are not minor incidents: “The defendant was not an insignificant actor in these and other crimes, as he played a dominant role and helped NetWalker and other affiliates improve their ability to extort money from their victims and launder their illegal profits,” says G. Paul Renwick, the Canadian judge in charge of the case.

Renwick notes that the defendant already had a criminal record related to drug charges, being sentenced to 3 1/2 years in prison in 2015.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.