U.S. authorities have hit a major malware operator, with help from leading blockchain analytics firm Chainalysis.
On Wednesday, the Department of Justice announced the seizure of $454,530.19 in cryptocurrency from NetWalker, a ransomware operator the FBI alleges to have targeted hospitals globally amid the COVID-19 pandemic.
Piggybacking on the DoJ’s announcement was Chainalysis, who took the opportunity to advertise the firm’s involvement in tracking down NetWalker hardware in Bulgaria as well as Sebastien Vachon-Desjardins. The DoJ arrested Vachon-Desjardins, a Canadian national who they allege to be an affiliate of the NetWalker network who garnered $27.6 million through its malware.
The DoJ has yet to release a criminal complaint against any of those involved in NetWalker, presumably because, if their allegations are true, there are tens of millions of dollars out there yet to be seized. Chainalysis noted NetWalker’s business model of ransomware-as-a-service as particularly difficult to investigate because:
“Attackers known as affiliates ‘rent’ usage of a particular ransomware strain from its creators or administrators, who in exchange get a cut of the money from each successful attack affiliates carry out. RaaS has led to more attacks, making it even more difficult to quantify the full financial impact.”
The FBI initially flagged NetWalker as a threat to hospitals back in July. At the time, the agency said they had first noticed the ransomware in March, when COVID-19 lockdowns had come into place around the world.
Ransomware has been on the rise over the course of the past year, as remote working has opened up new vulnerabilities in business networks or, in this case, in people’s willingness to click on questionable links in emails that offer potential information on COVID-19 conditions.
Law enforcement interest in ransomware has, correspondingly, increased. Alongside other investigative concerns, the rise in ransomware tracing has been lucrative for firms like Chainalysis, which have seen an inflow of government contracts.