LockBit ransomware kingpin gets 4 years behind bars

A LockBit ransomware kingpin has been sentenced to almost four years behind bars and ordered to pay more than CA$860,000 ($635,000, £500,000) in restitution to some of his victims by a Canadian court as he awaits extradition to the US.

During a sentencing hearing this week, Justice Michelle Fuerst said 34-year-old Mikhail Vasiliev was a cyber-terrorist who was "motivated by his own greed," according to CTV News. 

Vasiliev, a dual Canadian-Russian national living in Bradford, Ontario, pleaded guilty last month to eight counts of cyber-extortion, mischief, and weapons charges against Canadian victims, including businesses in Saskatchewan, Montreal, and Newfoundland. He was said to have been an administrator within the LockBit gang.

The crook was arrested November 9, 2022, and is awaiting extradition proceedings to bring him to New Jersey, where he faces additional charges related to his involvement with LockBit. 

American prosecutors have charged Vasiliev with conspiring to intentionally damage protected computers and to transmit ransom demands. He faces up to five years in a US prison.

The prolific crime gang has extorted at least $120 million in ransom payments from more than 2,000 victims since 2020.

Earlier this year, an international law-enforcement effort took down LockBit's infrastructure, famously trolling the criminals in the process. 

Despite the extortionists setting up a new website and listing alleged victims just days later, it appears that the UK and US cops' efforts have hobbled the ransomware-as-a-service operation. 

The arrest of individual gang members, however, remains slow going. In addition to Vasiliev, just two other suspects — Ruslan Astamirov and Mikhail Matveev — have been named, and of those two only Astamirov has been arrested and charged with infecting victims with LockBit ransomware.

The group's top boss, LockBitSupp, remains free with and unknown (at least to the public) despite a $15 million bounty and law enforcement's bluff to reveal LockBitSupp's identity.

According to court documents [PDF], Canadian cops searched Vasiliev's home in August 2022 and discovered a file, cleverly named "TARGETLIST," on his gear containing a list of names that appeared to be prospective or historical cybercrime victims.

Law enforcement also found screenshots of Tor messages exchanged between Vasiliev and LockBitSupp, along with a text file containing instructions on how to deploy LockBit ransomware and source code for a program designed to encrypt data stored on Linux-based computers.

During a subsequent search in October 2022, the police found Vasiliev sitting at a table, laptop open, with his browser pointed to the crime gang's dark-web domain.

Vasiliev's lawyer, Louis Strezos, told a Canadian court Vasiliev leaned into cybercrime while stuck at home, during the pandemic, according to CTV News.

"Mikhail Vasiliev took responsibility for his actions, and that played out in today's courtroom with the sentence that was imposed," Strezos reportedly said outside the courthouse on Tuesday. ®