On November 10, 2022, Europol announced the arrest of Mikhail Vasiliev, 33, which took place on October 26, 2022 in Canada. He is “suspected of having deployed the LockBit ransomware to carry out attacks against critical infrastructures and large industrial groups around the world“.
This arrest follows an investigation conducted by the French Gendarmerie Nationale with the assistance of Europol’s European Cybercrime Centre (EC3), the FBI and the Royal Canadian Mounted Police (RCMP).
Law enforcement seized eight computers, 32 external hard drives, two firearms and 400,000 euros in crypto-currency from the home of the suspect, who holds dual Russian and Canadian citizenship.
They also found screenshots of Vasiliev’s exchanges with “LockBitSupp” (the pseudonym of the alleged leader of the ransomware gang), as well as instructions on how to roll out LockBit’s Linux/ESXi locker and its source code. There was also evidence of Mikhail Vasiliev’s involvement in a ransomware attack in Canada in early 2022.
The U.S. Department of Justice (DOJ) has filed charges against the cybercriminal and requested his extradition to the United States. “This arrest is the result of more than two and a half years of investigation into the LockBit ransomware group“, commented Lisa O. Monaco, DOJ Assistant Attorney General.