The Justice Department and FBI indicted 31-year-old Canadian Matthew Philbert for his alleged involvement in several ransomware attacks.
U.S. Attorney Bryan Wilson of the District of Alaska said in a statement that Philbert “conspired with others known and unknown to the United States to damage computers, and in the course of that conspiracy did damage a computer belonging to the State of Alaska in April 2018.” Wilson and Canadian officials received assistance from Dutch authorities and Europol in this case.
Canadian officials also pressed charges against Philbert after he was arrested on November 30, but officials did not disclose what ransomware group Philbert belongs to or what attacks he was involved in.
Philbert is currently facing one count of conspiracy to commit fraud and another count of fraud and related activity connected with computers.
The FBI worked with officials in Ontario on Philbert’s activities, which included ransomware attacks targeting various companies, government agencies and even private citizens.
Police were able to seize several laptops, hard drives, blank cards with magnetic stripes and a Bitcoin seed phrase during Philbert’s arrest
Earlier this year, police in Florida arrested another Canadian citizen who was allegedly involved in several attacks by the Netwalker ransomware group. According to the DOJ, Sebastien Vachon-Desjardins earned about $27.6 million through various ransomware attacks on Canadian companies such as the Northwest Territories Power Corporation, the College of Nurses of Ontario and a Canadian tire store in B.C.
Brett Callow, an Emsisoft threat analyst and ransomware expert based in Canada, said that most people assume that ransomware attacks originate from Russia or the Commonwealth of Independent States, while the reality is that these attacks can be carried out from anywhere.