Monday, May 23, 2022

Canadian sentenced for his role in Netwalker ransomware attacks

A Quebec man has been sentenced to six years and eight months in prison by a Canadian judge for his role as an affiliate of the Netwalker ransomware gang and attacks on 17 Canadian organizations.

According to the Toronto Star, Sebastien Vachon-Desjardins received that sentence last week after pleading guilty to participation in an organized crime group, two counts of extortion and committing mischief to data.

The news report said Vachon-Desjardins was called “a sophisticated cyberterrorist” by the judge.

Related content: Free Ransomware Playbook for cyber defenders

Vachon-Desjardins was arrested in Florida just over a year ago. According to the U.S. Department of Justice, he allegedly earned about $27.6 million through ransomware attacks on Canadian companies such as the Northwest Territories Power Corporation, the College of Nurses of Ontario and a Canadian Tire store in B.C.

According to The Star, in his decision the judge said police tracked Vachon-Desjardins through IP and email addresses, personal information he revealed on social media and information from U.S. authorities.

According to a transcript of the judge’s decision obtained by The Record, the Canadian investigation started in August, 2020 when the RCMP was told by the FBI that an affiliate of the Netwalker gang was operating in Gatineau, Quebec. He was suspected of having received over $15 million in payments.

After Vachon-Desjardins’ arrest police searched his Gatineau home and bank accounts. “I am told,” the judge wrote, “that the fruits of the search warrants and general warrant to seize cryptocurrency resulted in many devices seized with approximately 20 terabytes of data … I was told that the data seized from the defendant, if printed, would fill an entire hockey arena. Given this reality, but for the defendant’s decision to cooperate with Canadian authorities, the police would not have charged the Defendant for several years while they sifted through the mountain of data to identify victims and searched for proof to mount a successful prosecution.”

Vachon-Desjardins “excelled at what he did,” the judge wrote. “Between 10-15 unknown individuals hired the defendant to teach them his methods.”

Vachon-Desjardins told investigators he paid 224 bitcoins to invest in the NetWalker group and the next generation of the gang’s malicious code. He even improved upon the ransom messages used by NetWalker affiliates and eventually convinced the creator of NetWalker to use “mixing services” to disguise funds paid for ransoms in bitcoin, according to the judge.

Ultimately over 1,200 Bitcoins related to his NetWalker malware activities passed through his e-wallet and were shared with unindicted co-conspirators and the developer of the NetWalker ransomware, the judge said.

Vachon-Desjardins admitted that his entire ransomware activities involved over 2,000 bitcoins. Some of that was later converted into Canadian dollars through unlawful channels. The RCMP seized slightly less than 720 bitcoins from his e-wallets and accounts, and he told police investigators sometimes he got bags of money ranging from $100,000 to $150,000. “Cash seized ($640,040) from the defendant’s home and his bank account balances ($420,941) indicate that the defendant had liquid assets of over one million dollars in January 2021.” the judge wrote. That money will be paid in restitution to some of the victims.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.