The US Justice Department has charged a Ukrainian and a Russian over their involvement in the cyberattack on Florida-based software provider Kaseya.

The attack on the IT firm, which occurred during the weekend of July 4, caused significant damage to firms worldwide, forcing Swedish grocery chain Coop to shut almost all its 800 stores.

The cyberattack reportedly impacted up to 1,500 businesses around the world and resulted in $200 million of cryptocurrency payments to criminal actors according to the US Treasury Department.

Yaroslav Vasinskyi of Ukraine and a Russian national called Yevgeniy Polyanin were accused of using tools developed by the REvil ransomware gang to attack numerous companies.

These attacks include the May attack on the US Colonial Pipeline, which prevented gas reaching many states in the American South, causing prices to spike.

The attacks were also said to include the cyberattack on US-beef supplier JBS, also in May this year.

The department seized $6.1 million from Vasinskyi, who had been taken into custody in Poland last month.

Polyanin is still at large, though authorities are searching for him, on accusations he used REvil’s tools to extort approximately $13 million from his victims.

The US State Department is offering a reward of up to $10 million for information leading to the identification or location of anyone involved in the REvil organisation.

The department is also offering $5 million for information leading to the arrest or conviction of anyone who participated in a REvil attack.

REvil has previously operated under the pseudonyms GandCrab and Sodinikobi.

“We are bringing the full strength of the federal government to disrupt malicious cyber activity and actors, bolster resilience at home, address the abuse of virtual currency to launder ransom payments, and leverage international cooperation to disrupt the ransomware ecosystem and address safe harbors for ransomware criminals,” said US president Joe Biden. “While much work remains to be done, we have taken important steps to harden our critical infrastructure against cyberattacks, hold accountable those that threaten our security, and work together with our allies and partners around the world to disrupt ransomware networks — and my administration will continue to use every tool available to us to protect the American people and American interests against cyber threats”.

Share Story: