Business & Technology

Ukraine’s Yaroslav Vasinskyi charged with ransomware attack on Kaseya, arrested in Poland


Yaroslav Vasinskyi, 22, of Ukraine has been charged with conspiracy to commit fraud and related activity in connection with computers, substantive counts of damage to protected computers, and conspiracy to commit money laundering. If convicted of all counts, he faces a maximum penalty of 115 years in prison.

On November 8, 2021, the United States Department of Justice unsealed an indictment charging Vasinskyi with conducting ransomware attacks against multiple victims including Kaseya, a multi-national information technology software company owned by Insight Partners.

Kaseya develops software for managing networks, systems and information technology infrastructure. Found in 2001 and headquartered in Miami, Florida, USA, it has branch locations across not only the U.S. but also Europe and Asia Pacific.


On July 2, 2021, Vasinskyi allegedly caused the deployment of malicious Sodinokibi/REvil code throughout a Kaseya product that caused the Kaseya production functionality to deploy REvil ransomware to endpoints on Kaseya customer networks. The ransomware was executed on those computers after the remote access to Kaseya endpoints was established, encrypting on computers of organizations around the world that used Kaseya software.

On October 8, 2021, Vasinskyi was arrested in Poland. He was jailed there pending proceedings in connection with his requested extradition to the U.S. pursuant to the extradition treaty between the two countries.


The U.S. Department of Justice also announced the seizure of $6.1 million in funds traceable to alleged ransom payments received by Yevgeniy Polyanin, 28, of Russia. He is accused of conducting Sodinokibi/REvil ransomware attacks against multiple victims, including businesses and government entities in Texas, USA on or about August 16, 2019.

“The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin and seizure of $6.1 million of his assets and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, U.S. government and especially our private sector partners,” Federal Bureau of Investigation director Christopher Wray said. “The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil. Ransomware groups like them pose a serious, unacceptable threat to our safety and our economic well-being.”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.