Netwalker ransomware affiliate agrees to plead guilty to hacking charges

Prolific Netwalker ransomware affiliate Sebastien Vachon-Desjardins agreed to plead guilty on Tuesday to several charges related to a hacking campaign against a company based in Florida. 

The 34-year-old Vachon-Desjardins, who previously was sentenced to seven years in prison by Canadian officials for other ransomware attacks, was extradited to the U.S. in March and has been held in a Tampa prison since then. 

According to a plea agreement filed on Tuesday, Vachon-Desjardins agreed to forfeit $21.5 million, about 27.65 BTC and dozens of seized devices. 

United States Attorney for the Middle District of Florida Roger Handberg said Vachon-Desjardins has agreed to plead guilty to four charges: Conspiracy to Commit Computer Fraud, Conspiracy to Commit Wire Fraud, Intentional Damage to a Protected Computer and Transmitting a Demand in Relation to Damaging a Protected Computer.

A portion of the plea agreement filed Tuesday.

The charges carry a combined maximum prison sentence of 40 years, but the document made references to a potential deal where Vachon-Desjardins will face less years in exchange for cooperation.

The lawyers did not say which company was attacked but noted that it is based in Tampa and was attacked on May 1, 2020. 

Vachon-Desjardins sent the company a ransom note demanding $300,000 in bitcoin but the company did not pay, instead spending $1.2 million to recover from the incident. 

The ransom note Vachon-Desjardins sent the company. Image: DOJ

In the plea deal, and in a presentation at the RSA conference earlier this month, the Justice Department said it was able to gain access to the backend server of the NetWalker Tor Panel and the NetWalker Blog, giving them a view into the gang’s operations. 

The group had managed to extort victims for about 5,058 bitcoin — worth about $40 million based on the value of bitcoin at the time of each transaction.

“These records also tied Vachon Desjardins to the successful extortion of approximately 1,864 bitcoin in ransoms (an approximate total of $21 .5 million USD based on the value of bitcoin at the time of each transaction) from dozens of victim companies across the world, including Victim 1,” the Justice Department…