Ex-government IT worker collaborated with Russian cybergang

Sebastien Vachon-Desjardins faces up to 10 years in fail, as well as the loss of millions in Canadian dollars and Bitcoin

Image:

Sebastien Vachon-Desjardins faces up to 10 years in fail, as well as the loss of millions in Canadian dollars and Bitcoin

Vachon-Desjardins was arrested in Canada in January 2021 and extradited to the US in March this year

A former IT worker for the Canadian Government has pleaded guilty to charges related to his association with Russian cybercrime gang NetWalker.

NetWalker began operations in 2019 and offers malicious software and extortion website to hacker affiliates.

According to a plea agreement [pdf] filed with a court in Florida on Tuesday, Sebastien Vachon-Desjardins agreed to plead guilty to conspiracy to commit wire fraud; conspiracy to commit computer fraud; intentional damage to a protected computer system; and sending a demand in relation to damaging a protected computer.

Vachon-Desjardins, who is 34 and from Quebec, was previously sentenced to seven years in prison by a Canadian court for other ransomware attacks.

He was arrested in Canada in January 2021 and extradited to the United States in March this year, following an investigation into the NetWalker group by US federal agencies.

US law enforcement shut down the group's web operations and discovered a database of affiliate information.

Vachon-Desjardins has been detained in a Tampa jail since being extradited.

He acknowledged before Florida's court that he was a member of the NetWalker group, which has targeted businesses, organisations, government entities, hospital and schools in Canada, the USA and other countries.

Vachon-Desjardins also agreed to forfeit $21.5 million, about 27.65 BTC, and dozens of confiscated devices.

At the time of Vachon-Desjardins' arrest in Canada, police confiscated CAD$790,000 in cash, 719 Bitcoin worth about $27 million (£22 million), and a number of computers and storage devices from his home.

According to US court records, the Canadian was one of NetWalker's most active affiliates. He embarked on a cyber rampage between April and December 2020, targeting 17 Canadian firms as well as several others across the globe.

He attacked a Tampa-based company on 1st May, 2020 and sent it a ransom letter seeking $300,000 in Bitcoin. The firm chose not to pay and instead spent $1.2 million on incident response.

The Department of Justice successfully gained access to the backend server of the NetWalker Tor Panel and the NetWalker Blog, getting a glimpse into the organisation's activities.

According to the US authorities, the organisation coerced victims into paying around 5,058 Bitcoin. Depending on the price of Bitcoin at the time of each transaction, that was equivalent to almost $40 million.

The FBI issued a security advisory about attacks by Netwalker in August 2020, which were directed at government entities in the US and other countries.

In September 2020, the gang attacked the Dusseldorf University clinic, which led to the death of a patient.

Vachon-Desjardins has previously worked as an IT consultant for Public Works and Government Services departments in Canada.

On his LinkedIn page, he claims to have experience reacting to cybersecurity breaches.

He will be sentenced at a later date, and could get up to 10 years in jail for his crime.