SECURITY
SECURITY
SECURITY
Man arrested in Canada for alleged involvement in LockBit ransomware attacks
A dual Russian and Canadian national has been arrested for his alleged involvement with the infamous LockBit ransomware gang.
Mikhail Vasiliev, 33, is accused of conspiring with others to damage protected computers intentionally and transmit ransom demands. He was arrested in Ontario, Canada, on Nov. 9 and is awaiting an extradition hearing.
The U.S. Department of Justice claims that Vasiliev “participated in the LockBit campaign by conspiring with others to intentionally damage protected computers and to transmit ransom demands.”
Precisely what that means, however, is unclear. There is no single “LockBit campaign,” and LockBit offers ransomware-as-a-service, meaning that LockBit attacks are not always undertaken by LockBit itself but by affiliates. Whether Vasiliev was an affiliate or was directly involved with the gang was not specified by the Justice Department.
A press release from Europol, which led the investigation along with the Federal Bureau of Investigation and the Canadian Royal Mounted Police, provided some further details. Europol claims that Vasiliev “is known for his extortionate ransom demands” ranging from 5 million to 70 million euros. Hinting that he may have been acting as a LockBit affiliate, the statement says that he “deployed the LockBit ransomware to carry out attacks,” not that he was running the group or was a direct member of the gang.
Canadian police are also said to have seized two firearms, eight computers, 32 external hard drives and 400,000 euros worth of cryptocurrency. “This arrest is the result of over two-and-a-half-years of investigation into the LockBit ransomware group, which has harmed victims in the United States and around the world,” Deputy Attorney General Lisa O. Monaco said in a statement.
LockBit emerged in January 2020 and is believed to have been deployed against as many as 1,000 victims in the U.S. The Justice Department claims that LockBit members have made at least $100 million in ransom demands and have successfully extracted tens of millions of dollars from victims.
The gang was last in the news in August when it was knocked offline in a distributed denial-of-service attack, but it has since fully recovered. LockBit has dozens of recent victims currently listed on its dark web blog (pictured). Notable recent victims include Thales Group SA, Continental AG, the Chattanooga Housing Authority and Meiji Singapore.
Image: LockBit
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
