In Canada, a 34-year-old Russian-Canadian citizen has been sentenced to nearly four years in prison for his involvement in the LockBit ransomware campaign.
Mikhail Vasiliev, a resident of Ontario, was apprehended in November 2022 and accused by the U.S. Department of Justice (DoJ) of “conspiring with others to intentionally damage protected computers and transmit ransom demands.”
The news of Vasiliev’s imprisonment was initially disclosed by CTV News.
Reports suggest that Vasiliev, whose residence was searched by Canadian law enforcement in August and October 2022, maintained a record of potential or past victims and saved screenshots of communications with “LockBitSupp” on the Tox messaging platform.
During the search, authorities discovered a text document containing instructions for deploying the LockBit ransomware, along with the ransomware’s source code and a control panel utilized by the criminal group to distribute the file-encrypting malware.
Cybersecurity
As reported by CTV News, Vasiliev pleaded guilty to eight charges of cyber extortion, mischief, and weapons offenses the previous month. During sentencing, Justice Michelle Fuerst characterized him as a “cyber terrorist” motivated by personal greed.
It’s alleged that Vasiliev turned to cybercrime during the COVID-19 pandemic, attempting to extort ransom payments from three Canadian companies between 2021 and 2022 by stealing and withholding their data.
Moreover, Vasiliev, who has agreed to extradition to the U.S., has been instructed to reimburse over $860,000 in restitution.
LockBit, one of the most active ransomware syndicates in history, suffered a significant setback in February 2024 when its infrastructure was dismantled in a coordinated law enforcement operation. This operation led to the arrest of three LockBit associates in Poland and Ukraine.
Despite resurfacing with a new data leak platform, indications suggest that the newly listed victims may be either outdated or fictitious, designed to create the illusion of the group’s continued operations.
This development coincides with the conviction of Roman Sterlingov, a dual Russian-Swedish citizen, by a federal jury in Washington, D.C. Sterlingov was found guilty of operating Bitcoin Fog from 2011 to 2021, a service facilitating the laundering of profits from illicit activities, including drug trafficking, computer crimes, identity theft, and child exploitation.
Cybersecurity
According to Bloomberg, Ilya Lichtenstein, who admitted guilt in August 2023 for his involvement in the theft of approximately 120,000 bitcoins from the Bitfinex exchange, testified last month about using Bitcoin Fog on ten occasions to launder virtual assets.
The DoJ described Bitcoin Fog as the longest-running cryptocurrency mixer, known for its role as a preferred money laundering service among criminals seeking to conceal illicit proceeds from law enforcement. Over its decade-long operation, Bitcoin Fog facilitated the movement of over 1.2 million bitcoins, valued at approximately $400 million at the time of the transactions.
