Former Netwalker ransomware affiliate Sebastien Vachon-Desjardins has been sentenced to 20 years in prison and demanded to forfeit $21.5 million for his attacks on a Tampa company and other entities.
Vachon-Desjardins, a 34 Canadian man extradited from Quebec, was sentenced today in a Florida court after pleading guilty to ‘Conspiracy to commit Computer Fraud’, ‘Conspiracy to Commit Wire Fraud’, ‘Intentional Damage to Protected Computer,’ and ‘Transmitting a Demand in Relation to Damaging a Protected Computer.’
“The Defendant is hereby committed to the custody of the United States Bureau of Prisons to be imprisoned for a term of TWO HUNDRED FORTY (240) MONTHS,” reads the court’s judgment.
“This term consists of a 60-month term as to Counts One and Four, 120-month term as to Count Three and a 240-month term as to Count Two. Counts One, Three, and Four are to run concurrently to Count Two.”
Vachon-Desjardins is also required to serve three years of supervised release after he gets out of prison. During this term, Vachon-Desjardins will not be allowed to have a job in information technology or use a computer capable of connecting to the Internet, including a smartphone, gaming device, or other electronic devices.
The Judge ordered a forfeiture against the defendant of $21.5 million, of which 27.65 Bitcoin, already held by law enforcement, will be credited towards the amount.
On January 27th, 2021, when the US DOJ charged Desjardins, an international law enforcement operation seized Netwalker websites, including their Tor payment and data leak sites.
Netwalker was a Ransomware-as-a-Service (RaaS) operation launched in 2019, recruiting affiliates to deploy the ransomware in return for a 60-75% share of all ransom payments.
Vachon-Desjardins operated as an affiliate for the ransomware operation, where it is believed he conducted attacks on companies worldwide, including US companies and at least 17 Canadian entities.
During these attacks, the ransomware operation would steal data from corporate systems and ultimately encrypt devices. To recover files and prevent data release, the threat actors extorted the victims to pay a ransom demand ranging from hundreds of thousands to millions of dollars.
Source: BleepingComputer
Vachon-Desjardins was previously arrested in Gatineau, Quebec, on January 27th, 2021, when law enforcement seized 719 Bitcoin and $790,000 in Canadian currency while searching his home. He was later sentenced to 6 years and eight months in prison after pleading guilty before an Ontario judge.
Vachon-Desjardins was extradited to the United States in March 2022.
