Two charged in ransomware attack case that involved JBS

The U.S. Department of Justice (DOJ) charged a Ukrainian national and a Russian national for their alleged involvement in ransomware attacks against multiple victims. The ransomware group with which those two suspects are allegedly affiliated has been implicated with the May cyberattack on JBS USA.

Roy Graber Headshot
(Courtesy of JBS)
(Courtesy of JBS)

The U.S. Department of Justice (DOJ) charged a Ukrainian national and a Russian national for their alleged involvement in ransomware attacks against multiple victims. The ransomware group with which those two suspects are allegedly affiliated has been implicated with the May cyberattack on JBS USA.

Yaroslav Vasinkskyi, 22, a Ukrainian national, and Yevgeniy Polyanin, 28, a Russian national, are accused of deploying Sodinokibi/REvil ransomware to attack businesses and governmental entities, a press release from the DOJ stated.  Vasinskyi was arrested in Poland, where he remains in custody pending proceedings in connection with his requested extradition to the United States.

According to the indictments, Vasinskyi and Polyanin accessed the internal computer networks of several victim companies and deployed Sodinokibi/REvil ransomware to encrypt the data on the computers of victim companies.

The DOJ also stated that $6.1 million in funds traceable to alleged ransom payments received by Polyanin.

“This ransomware strain has wreaked havoc across the globe,” Federal Bureau of Investigation (FBI) Director Christopher Wray stated. “Extorting vast sums and inflicting significant damage with attack on, to name just a few, JBS Foods, local governments in Texas, hospitals, schools, 911 call centers and, of course, Kaseya.”

Kaseya is a multi-national information technology software company.

JBS, on May 31, confirmed it was the target of an organized cybersecurity attack, which affected some of the servers supporting the company’s information technology (IT) systems in the United States and Australia. All affected systems were quickly suspended, and it was not believed that any customer, supplier or employee data was compromised. However, as a precaution, operations at some JBS and Pilgrim’s Pride facilities in the U.S., Australia and Canada were temporarily suspended.

JBS agreed to pay the equivalent of US$11 million in ransom. JBS USA CEO Andre Nogueira said this of the decision to make that payment: “This was a very difficult decision to make for our company and for me personally. However, we felt this decision had to be made to prevent any potential risk for our customers.”

Page 1 of 1576
Next Page