The Department of Justice has so far charged one Canadian national and seized nearly $500,000 in relation to Netwalker ransomware.

Dark Reading Staff, Dark Reading

January 29, 2021

1 Min Read

The Department of Justice (DoJ) has announced a coordinated law enforcement operation to disrupt Netwalker, an advanced form of ransomware.

Netwalker has targeted a range of victims including businesses, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities, the DoJ reports. Its operators have specifically targeted the healthcare sector during the COVID-19 pandemic.

Attackers who deploy Netwalker, which operates in a ransomware-as-a-service model, usually gain access to a target machine days or weeks before a ransom note is delivered, officials say. During this time, they escalate privileges and spread Netwalker across devices. Once they have infected enough computers, they send a ransom note.

So far, officials have charged Canadian national Sebastien Vachon-Desjardins in relation to the Netwalker attacks, which have reportedly earned operators tens of millions of dollars in revenue. They have also seized roughly $454,530 in cryptocurrency from ransom payments and disabled a Dark Web resource that attackers used to communicate with their victims.

This Dark Web resource, seized by authorities in Bulgaria, was used by Netwalker affiliates to send payment instructions and communicate with victims. Those who try to access the resource now will see a banner stating it has been seized by law enforcement. 

Read the full DoJ release for more details.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights