A Quebec man has been sentenced to six years and eight months in prison by a Canadian judge for his role as an affiliate of the Netwalker ransomware gang and attacks on 17 Canadian organizations.
According to the Toronto Star, Sebastien Vachon-Desjardins received that sentence last week after pleading guilty to participation in an organized crime group, two counts of extortion and committing mischief to data.
The news report said Vachon-Desjardins was called “a sophisticated cyberterrorist” by the judge.
Related content: Free Ransomware Playbook for cyber defenders
Vachon-Desjardins was arrested in Florida just over a year ago. According to the U.S. Department of Justice, he allegedly earned about $27.6 million through ransomware attacks on Canadian companies such as the Northwest Territories Power Corporation, the College of Nurses of Ontario and a Canadian Tire store in B.C.
UPDATE: According to The Record, on June 28th Vachon-Desjardins agreed to plead guilty in a U.S. court to hacking an American company.
According to The Star, in his decision the Canadian judge said police tracked Vachon-Desjardins through IP and email addresses, personal information he revealed on social media and information from U.S. authorities.
According to a transcript of the judge’s decision obtained by The Record, the Canadian investigation started in August, 2020 when the RCMP was told by the FBI that an affiliate of the Netwalker gang was operating in Gatineau, Quebec. He was suspected of having received over $15 million in payments.
After Vachon-Desjardins’ arrest police searched his Gatineau home and bank accounts. “I am told,” the judge wrote, “that the fruits of the search warrants and general warrant to seize cryptocurrency resulted in many devices seized with approximately 20 terabytes of data … I was told that the data seized from the defendant, if printed, would fill an entire hockey arena. Given this reality, but for the defendant’s decision to cooperate with Canadian authorities, the police would not have charged the Defendant for several years while they sifted through the mountain of data to identify victims and searched for proof to mount a successful prosecution.”
Vachon-Desjardins “excelled at what he did,” the judge wrote. “Between 10-15 unknown individuals hired the defendant to teach them his methods.”
Vachon-Desjardins told investigators he paid 224 bitcoins to invest in the NetWalker group and the next generation of the gang’s malicious code. He even improved upon the ransom messages used by NetWalker affiliates and eventually convinced the creator of NetWalker to use “mixing services” to disguise funds paid for ransoms in bitcoin, according to the judge.
Ultimately over 1,200 Bitcoins related to his NetWalker malware activities passed through his e-wallet and were shared with unindicted co-conspirators and the developer of the NetWalker ransomware, the judge said.
Vachon-Desjardins admitted that his entire ransomware activities involved over 2,000 bitcoins. Some of that was later converted into Canadian dollars through unlawful channels. The RCMP seized slightly less than 720 bitcoins from his e-wallets and accounts, and he told police investigators sometimes he got bags of money ranging from $100,000 to $150,000. “Cash seized ($640,040) from the defendant’s home and his bank account balances ($420,941) indicate that the defendant had liquid assets of over one million dollars in January 2021.” the judge wrote. That money will be paid in restitution to some of the victims.