A 34-year-old Russian-Canadian, Mikhail Vasiliev, has been handed a nearly four-year prison sentence in Canada. His crime? Involvement in the notorious LockBit ransomware operation.
Vasiliev, a resident of Ontario, was apprehended in November 2022 and subsequently charged by the U.S. Department of Justice. The charges included conspiracy to intentionally damage protected computers and transmitting ransom demands.
Details of the Case
Canadian law enforcement conducted searches of Vasiliev’s residence in August and October 2022. The search revealed a list of potential or past victims and screenshots of conversations with “LockBitSupp” on the Tox messaging platform.
Investigators also discovered a text file containing instructions for deploying the LockBit ransomware, the ransomware’s source code, and a control panel used by the cybercrime group to distribute the malware.
Vasiliev’s Guilty Plea and Sentence
Vasiliev pleaded guilty to eight counts of cyber extortion, mischief, and weapons charges. Justice Michelle Fuerst, during the sentencing, described him as a “cyber-terrorist” driven by greed.
It is believed that Vasiliev turned to cybercrime during the COVID-19 pandemic. He attempted to extort ransom payments from three Canadian companies between 2021 and 2022 by stealing and holding their data hostage.
In addition to his prison sentence, Vasiliev, who has agreed to extradition to the U.S., has been ordered to repay more than $860,000.
LockBit’s Downfall and Resurgence
LockBit, one of the most active ransomware groups in history, suffered a significant setback in February 2024. Law enforcement agencies seized its infrastructure in a coordinated operation, leading to the arrest of three LockBit affiliates in Poland and Ukraine.
Despite the group’s attempts to reestablish itself with a new data leak site, there are indications that the listed victims are either previous victims or fabricated entries, likely an attempt to create the illusion of operational continuity.
Bitcoin Fog Operator Convicted
In related news, a federal jury in Washington, D.C., found Roman Sterlingov, a dual Russian-Swedish national, guilty of operating Bitcoin Fog. This service, active from 2011 through 2021, facilitated the laundering of profits from various illegal activities, including drug sales, computer crimes, identity theft, and child sexual abuse material.
Ilya Lichtenstein, who admitted in August 2023 to stealing about 120,000 bitcoin in relation to the Bitfinex cryptocurrency exchange hack, testified last month. He revealed that he had used Bitcoin Fog 10 times to launder the stolen assets.
Bitcoin Fog, known as the longest-running cryptocurrency ‘mixer,’ has gained infamy as a preferred money laundering service for criminals looking to conceal their illicit gains from law enforcement. Over its decade-long operation, Bitcoin Fog moved over 1.2 million bitcoin, valued at approximately $400 million at the time of the transactions.