A drug trafficker and former federal employee from Gatineau has just been sentenced to 20 years in prison in Florida for ransomware attacks that earned him at least 21.5 million US dollars.
Posted at 7:31 p.m.
The sentence pronounced against Sébastien Vachon-Desjardins, considered one of the worst cyberpirates in the world, is particularly severe. The Tampa judge who pronounced it decided to exceed the 11 to 14 years in prison provided for by the directives of American justice for such crimes.
Vachon-Desjardins, 35, was arrested in January 2021 for his cybercrimes, before being extradited, then pleading guilty last June. In doing so, this former employee of the Ministry of Public Services and Supply admits to being one of the most prolific hackers behind Netwalker.
This ransomware is one of the worst in the world. Now dismantled, it was used to extort tens of millions from hundreds of victims. The targets saw their servers infiltrated, then the hackers stole their data, before encrypting it. They then asked them for a ransom to give them back access to their information, like the other ransomware that is still rampant.
“The attacks specifically targeted the healthcare sector during the COVID-19 pandemic, in order to take advantage of the global crisis to extort money from the victims,” explains a letter from Florida prosecutor Maria Chapa Lopez on file. .
The American documents notably link Vachon-Desjardins to the cyberattack of the University of California in San Francisco, which paid a ransom of 1.14 million US dollars to recover access to its data in June 2020.
91 attacks
Vachon-Desjardins allegedly carried out no less than 91 computer attacks, according to an analysis by the New York analysis firm Chainanalysis, which helped the FBI and the Royal Canadian Mounted Police (RCMP) to investigate his activities.
He would have thus extracted the equivalent of 14 million US in bitcoins. With the rise in the price of this cryptocurrency, this loot was worth 34.6 million Canadian dollars when he was arrested in January 2021.
Using computers seized from Vachon-Desjardins on Desforges Street in Gatineau, the RCMP was able to recover 720 bitcoins, with an estimated value of around 50 million in May 2021. After the price of this cryptocurrency fell, this loot still worth 19.7 million, as of October 4.
In all, a hoard worth 130 million passed through his wallets, according to the RCMP investigation.
The federal police also got their hands on $715,150 in cash at his home and in safe deposit boxes rented from banks.
Most Prolific Affiliate
Police documents identify Vachon-Desjardins as the most prolific “affiliate” of the massive Netwalker network. Its role was to spot high value targets before attacking them.
Cybercriminals left hacked computers with a ransom note, and if the target agreed to pay, Netwalker developers and affiliates like it shared the spoils.
Chainanalysis estimates that he was able to pocket 80% of the sums withdrawn. To collect his winnings, Vachon-Desjardins would have opened 345 bitcoin “addresses”, accounts to exchange this cryptocurrency.
Netwalker has claimed many victims in Quebec. Among them are Sollio (the former Coop fédérée), the IT company Xpertdoc and a subsidiary of the MTY restaurant chain.
Notorious drug trafficker
Sébastien Vachon-Desjardins is far from having his first serious trouble with the law. He was previously sentenced to 42 months in prison in 2015 for drug trafficking.
Gatineau police seized no less than 137 pounds of marijuana, 60,756 methamphetamine tablets, nearly 9 kilos of hashish, 146 grams of cocaine, 13,627 ecstasy tablets, $24,000 in “crystal meth” and $29,020 in cash.