Law Enforcement Authorities Stopped the Activities of The Operators of the Ransomware NetWalker


Law enforcement agencies in the United States and Bulgaria have jointly disabled the infrastructure of one of the most active ransomware programs, NetWalker.


Law enforcement officials in Bulgaria seized the server used to host the NetWalker portal on the darknet, and their colleagues from the United States indicted a Canadian citizen who allegedly received $ 27.6 million from infected companies. In addition, the American authorities seized about $ 455 thousand in cryptocurrency, allegedly received from the last three NetWalker victim


The server seized by Bulgarian law enforcers was used to host pages where NetWalker victims were redirected to communicate with ransomware operators and negotiate a ransom. In addition, the server hosted a resource where cybercriminals published data stolen from companies in the event of non-payment of the ranso


Very little is known about the Canadian citizen charged in the United States. A resident of the Canadian city of Gatineau, Sebastian Vachon-Desjardins, is allegedly a partner of the NetWalker cybercriminal group, who rented malicious code from i


According to US authorities, at least 305 organizations in 27 countries fell victim to NetWalker, of which 203 were in the US. According to McAfee's August 2020 report , NetWalker operators "earned" $ 25 million between March and July last year, and this amount continued to grow until the malware infrastructure was shut dow


NetWalker had $ 46 million in revenue last year, according to Chainalysis, making NetWalker the fifth most profitable ransomware after Ryuk, Maze, Doppelpaymer and Sodinokibi. According to Chainalysis, Sebastien Vachon-Desjardins has partnered with operators and other ransomware programs such as Sodinokibi, Suncrypt and Ragnar locked

Previous Post Next Post