Skip to content
Naked Security Naked Security

NetWalker ransomware affiliate sentenced to 20 years by Florida court

Judge tells the accused that if he hadn't pleaded guilty, "I would have given you life."

Naked Security has written and talked about Sebastien Vachon-Desjardins before, in both article and podcast form.

Vachon-Desjardins had been a federal government worker in the Canadian Capital Region (he comes from Gatineau in Quebec, directly across the river from the federal capital Ottawa in Ontario)…

…but he seems to have decided that joining the cybercrime underworld would be much more lucrative than his government job, and it seems that did indeed rack up a small fortune in illegal earnings.

He was tracked down, arrested, and convicted in his native Canada, and sentenced to nearly seven years in a Canadian prison.

Not long after starting his sentence, however, the Canadians released him from prison specifically so he could be extradited to Tampa, Florida, to face federal charges in the US.

As Chester Wisniewski put it in our March 2022 podcast on the topic:

Sebastien is temporarily “on loan” to the Americans, so they can punish him, but when he comes back, he still has to face his sentence here in Canada.

LEARN MORE ABOUT RECENT MALWARE BUSTS (FIRST SECTION)

Conviction and sentencing

Back in July 2022, Vachon-Desjardins decided to plead guilty in the US, with his plea document noting:

On or about January 27 and 28, 2021, the Royal Canadian Mounted Police executed search warrants at Vachon-Desjardins’ home and on safe deposit boxes held by Vachon-Desjardins at National Bank, Gatineau, Quebec.

During these searches, law enforcement seized, among other assets , all bitcoin contained in the defendant’s BTC Wallet 3Pxki6pFFKC12YSn8JtDs3ZrEg3pFTHnHd.

This seized bitcoin was derived primarily from ransom funds paid by victims of NetWalker Ransomware attacks.

The amount seized was just under BTC 720, worth about US$23 million in early 2021, and still worth about US$14 million today.

There was plenty more criminality to which Vachon-Desjardins admitted, however, with the court document going on to say:

Law enforcement identified and seized copies of the server that operated as the backend, or internal-facing, server of the NetWalker Tor Panel and the NetWalker Blog. This server contained detailed transactional information as to the NetWalker developers and affiliates. The transactional records revealed that during the course of the conspiracy, approximately 100 affiliates had been active, and victims had paid approximately 5058 bitcoin in ransoms (an approximate total of US$40 million based on the value of bitcoin at the time of each transaction).

These records also tied Vachon-Desjardins to the successful extortion of approximately 1864 bitcoin in ransoms (an approximate total of US$21.5 million based on the value of bitcoin at the time of each transaction) from dozens of victim companies across the world, including [a victim in Tampa, Florida].

This apparently identifies Vachon-Desjardins as a very significant NetWalker affiliate, responsible for more than 35% of ransom money extorted overall, and thus presumably also being responsible for about one-third of the group’s attacks.

He’s now been sentenced, with the Tampa Bay Times reporting that he’ll spend 20 years in a US prison.

According to the Tampa Bay Times, the judge in the case noted:

You have one of the worst cases I’ve ever seen. This is Jesse James meets the 21st century. [… This] is bad stuff. If you had gone to trial [i.e. had not pleaded guilty], I would have given you life.

When he’s finished his US prison sentence, Vachon-Desjardins will be returned north of the border to to finish his 7-stretch in Canada.

LEARN MORE ABOUT THE NETWALKER RANSOMWARE

https://nakedsecurity.sophos.com/2020/05/28/inside-a-ransomware-gangs-attack-toolbox/

3 Comments

Justice is finally served. I really hope this is a learning lesson for all of the other cybercriminals BUT probably not because they are just brazen enough to think they can get away with it. 20 years is a nice round number for all the lives he has destroyed, life would be better.

Reply

Glad he’s serving time. Hopefully he doesn’t get let out early.

Found a typo: “specifically so be could be extradited”

Reply

Fixed the typo, thanks.

Not certain about the various prison servicea in the US, but my understanding is that federal sentences don’t come with “minimum terms”, “minimum non-parole periods” or “early release on licence”, or anything quite like that. IIRC you can get credit for good behaviour, so that if you’re good for a whole year, you get 54 days off your ending date.

Ironically, this doesn’t mean you can get out 20×54 days early (15%) from a 20-year sentence, because as soon your end date gets moved backwards from an exact multiple of 365 days, you lose a full year at the end in which to earn more credit. (If I understand correctly, if you are good for the first 14 elapsed years of your sentence, you’ll have had 54×14 days chopped off the end, so you now only have an 17.9 year sentence to serve overall, or 3.9 years left. Thus you now only have 3 full years remaining to earn 54-day credit chunks, thus giving you a maximum of 17×54 days off your total 20×365-day stretch, or 12.5%.)

Any US federal prison service experts around who can comment on that?

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!