NetWalker ransomware disrupted – Cryptocurrency and domain seized

Authorities have arrested a Canadian national affiliated with the NetWalker ransomware operation.

Authorities have arrested a Canadian national affiliated with the NetWalker ransomware operation.

Earlier today, the U.S. Department of Justice (DOJ) announced that the infamous NetWalker ransomware has been disrupted after a large-scale coordinated international law enforcement action.

The announcement came hours after the news in which Europol had announced dismantling Emotet malware botnet.

According to DOJ’s press release, authorities have seized the official website of NetWalker ransomware operators accessible through the Tor browser. The .Onion domain was used as a resource to announce new attacks, leak data, and communicate with the victims for ransom payments.

Additionally, authorities have arrested Sebastien Vachon-Desjardins, a Canadian national believed to be affiliated with NetWalker ransomware. Moreover, cryptocurrency worth $454,530.19 has also been seized from Vachon-Desjardins which was comprised of ransom payments made by victims of three separate NetWalker ransomware attacks.

It is worth noting that NetWalker ransomware took on high-profile targets including Argentina borders service and Pakistani power supplier K-Electric, etc. However, most of its targets were against businesses in the United States.

NetWalker ransomware targets (Image: Chainalysis)

The cybercrime gang’s modus operandi was similar to other ransomware groups in which data on the victim’s computer would be encrypted and displayed a ransom note. Authorities believe that Vachon-Desjardins of Gatineau, Quebec, Canada obtained over $27.6 million from cyberattacks carried out by NetWalker ransomware.

In a statement, Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division said that:

“We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors, but also disrupting criminal online infrastructure and, wherever possible, recovering ransom payments extorted from victims.”

In a blog post shared with, Chainalysis, a blockchain analysis company revealed that authorities used its investigative tools to track down NetWalker ransomware funds.

In 2019, Chainalysis’s software was also used in tracking down Bitcoin payments made to the dark web’s largest child sexual abuse website. As a result, the website was not only seized but 338 suspected were also arrested.

Did you enjoy reading this article? Don’t forget to like our page on Facebook and follow us on Twitter

Related Posts