FBI Extradites Armenian Hacker Behind Ryuk Ransomware That Crippled Oregon Tech Company

Crime & Courts
By Lucille McNamara
cyber security

The FBI is making progress in the investigation and arrest of foreign nationals involved in ransomware attacks and an extortion conspiracy targeting an Oregon tech company, as well as similar operations throughout the United States.

 

Conspirators Extorted $15 Million From Companies in Oregon and Elsewhere in the Country

The four co-conspirators allegedly received 1,610 Bitcoins in ransom payments from the victim companies, valued at over $15 million at the time of payment.

A 33-year-old Armenian national, Karen Serobovich Vardanyan, was extradited from Ukraine to the U.S. on June 18 and is charged with conspiracy, fraud, and extortion involving computers, according to the Oregon U.S. Attorney’s Office.

Vandanyan was arraigned in federal court on June 20, where he entered a not guilty plea. He was ordered to remain in custody pending a seven-day jury trial scheduled to begin on August 26. I

f found guilty, he could face up to five years in federal prison, three years of supervised release, and a fine of $250,000 per charge.

 

Law Enforcement is Seeking a Second Extradition Order – Two Further Suspects Are Still at Large

U.S. law enforcement agencies have requested the extradition of another Armenian national, Levon Georgiyovych Avetisyan (45), from France. He will face the same charges as his Armenian compatriot.

Two further suspects in the ransomware investigation are Ukrainians Oleg Nikolayevich Lyulyava and Andrii Leonydovich Prykhodchenko, both 53 years old, have also been charged with conspiracy, fraud, and extortion involving computers. Neither is in custody.

Court records allege that between March 2019 and September 2020, Vardanyan and his co-conspirators unlawfully infiltrated the computer systems of various companies, deploying Ryuk ransomware across hundreds of servers and workstations.

This form of ransomware encrypts files, rendering them inaccessible unless a ransom is paid in exchange for a decryption key.

Ryuk has been used in attacks on thousands of organizations worldwide, affecting sectors ranging from private businesses to state and local governments, school districts, essential infrastructure, and healthcare facilities.

These attacks have significantly disrupted operations by cutting off access to critical data and impairing communication systems.

As part of the alleged operation, ransom payments were demanded from affected companies in return for the tools needed to unlock the encrypted files.

A ransom note, demanding ransom payments in Bitcoin, was placed on the computer systems. Victims were given an email address to communicate with the Cyber criminals.

The case is under investigation by the FBI, and the prosecutor is Katherine A. Rykken, Assistant U.S. Attorney for the District of Oregon.

Morning Brief Newsletter
Sign up today for our daily newsletter, a quick overview of top local stories and Oregon breaking news delivered directly to your inbox
You can unsubscribe at any time
You might also like More from author
Leave A Reply

Your email address will not be published.