DoJ Arrests Hacker Involved With REvil Group That Stole Apple's MacBook Pro Schematics

Today, the United States Justice Department announced that Yaroslav Vasinskyi of Ukraine was arrested for his involvement in REvil, an organization that has carried out ransomware attacks on government agencies and businesses throughout the United States.


REvil attacked Apple supplier Quanta Computer in April and stole schematics for the design of the 16-inch and 14-inch MacBook Pro models. These were released in October. REvil threatened to release additional documents if Apple didn't pay $50 million.

REvil's ransom demand was not met. The group then mysteriously deleted all documents and threats of extortion related to Apple from its website.

REvil continued its illegal activities. In May, REvil was responsible for a cyberattack against the Colonial Pipeline. This attack caused severe gas shortages along the East Coast of America. REvil exploited a flaw in Kaseya's management software to attack between 800 and 1500 businesses around the world in July.

According to the DoJ, Vasinskyi was part of the Kaseya attack. It's unclear if he was also involved in the attack on Quanta Computer, an Apple supplier. He was detained in Poland and is currently awaiting extradition to America.

The Department of Justice also arrested Vasinskyi. He was also involved in REvil and responsible for multiple attacks on victims. Romania has also seen two other arrests, although details are not available.

Christopher Wray, FBI Director, stated that Yaroslav Vasinskyi's arrest, the charges against Yevgeniy Polyanin, the seizure of $6.1 million of his assets and the arrests in Romania of two other Sodinokibi/REvil agents are the result of close collaboration with our international, U.S. government, and particularly our private sector partners. "The FBI has been relentless in its efforts to combat the criminal hackers behind Sodinokibi/REvil. Ransomware groups such as them pose a grave, unacceptable threat to our safety. We will continue to broaden our targeting of their actors, facilitators, their infrastructure and their money, wherever they may be in the world."

Both Vasinskyi and Polyanin were charged with conspiracy to commit fraud and related activity in connection with computers, substantive charges of damage to computer systems, and conspiracy and money laundering. If convicted, Vasinskyi could face a maximum sentence of 115 years imprisonment. Polyanin could face a maximum sentence of 145 years. Although Vasinskyi is currently in custody, Polyanin is not believed to have been arrested and could be living abroad.

To stop REvil, the U.S. government has been working in partnership with its allies. Reuters reported in October that several government agencies teamed up to hack REvil's "Happy Blog" website, which was used to leak documents.