In an action that also involved the Bulgarian authorities, the Department of Justice confiscated half a million dollars in cryptocurrency from NetWalker.
With the assistance of the leading blockchain analytics company Chainalysis, U.S. authorities have struck a blow against a big malware operator.
The Department of Justice reported on Wednesday the recovery of $454,530.19 in cryptocurrency from NetWalker, a malware operator that the Federal Bureau of Investigation says has attacked hospitals worldwide in the wake of the COVID-19 pandemic.
Chainalysis piggybacked on the DoJ's announcement, taking the opportunity to promote the company's interest in monitoring NetWalker hardware in Bulgaria as well as Sebastien Vachon-Desjardins. The DoJ arrested Vachon-Desjardins, a Canadian national suspected of being an associate of the NetWalker network who raised $27.6 million through his malware.
The DoJ has yet to publish a criminal case against all of those involved in NetWalker, possibly because, if the claims are accurate, there are tens of millions of dollars remaining to be seized. Chainalysis described NetWalker's ransomware-as-a-service business model as particularly difficult to investigate because:
“Attackers known as affiliates ‘rent’ usage of a particular ransomware strain from its creators or administrators, who in exchange get a cut of the money from each successful attack affiliates carry out. RaaS has led to more attacks, making it even more difficult to quantify the full financial impact.”
Back in July 2020, the FBI first flagged NetWalker as a danger to hospitals. At the time, the department said it had first found the ransomware in March 2020, when COVID-19 lockdowns had come into effect around the world.
Over the past year, ransomware has been on the rise, as remote working has opened up new vulnerabilities in company networks or, in this case, in people's willingness to click on dubious links in emails that purport to offer details about COVID-19 conditions.
Law enforcement interest in ransomware has risen correspondingly. For businesses such as Chainalysis, which have seen an inflow of government contracts, the spike in ransomware tracing, along with other forensic issues, has been lucrative.