A thirty-year-old Romanian man has been sentenced to twenty years in prison in the United States for carrying out attacks with the NetWalker ransomware. He must also relinquish more than $21 million and his interests in an Indonesian company and associated luxury resort being built in Bali, as well as pay $15 million in damages. This was announced by the US Department of Justice.
NetWalker was offered as a Ransomware-as-a-Service (RaaS). Through RaaS, criminals can easily obtain ransomware, with part of the revenue going to the developer of the ransomware. In this case, criminals still have to distribute the ransomware themselves. In 2021, the Netwalker operation was taken off the air, partly due to the actions of the FBI.
The now convicted suspect was a partner of the ransomware group and was involved in attacking organizations. According to the prosecutor, the man killed hundreds of victims worldwide, including businesses, municipalities, hospitals, police departments, school districts and other educational institutions.
The Romanian man admitted that he obtained 1,595 bitcoin through the ransomware, which was $21.5 million at the time of the payments. The suspect was arrested by the Romanian police in Romania last July at the request of American authorities and subsequently extradited to the US.
