cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Notorious LockBit affiliate sentenced to 4 years in prison, to fork out $860k

A key affiliate of the infamous LockBit ransomware gang has been sentenced to four years in prison by Canadian courts and ordered to pay almost $1 million in restitution.

user icon Daniel Croft
Thu, 14 Mar 2024
Notorious LockBit affiliate sentenced to 4 years in prison, to fork out $860k
expand image

Mikhail Vasiliev was originally arrested for his role in the LockBit ransomware gang’s operation in November 2022.

The Russian-Canadian hacker is reportedly believed to have contributed to a thousand cyber attacks through the gang, with a collective ransom demand of $100 million.

Most of the LockBit attacks Vasiliev was involved with were on Canadian businesses based in Newfoundland, Saskatchewan, Montreal, and more.


Roughly 16 months after his arrest, Vasiliev pleaded guilty to eight charges in February this year, including “cyber extortion, mischief and weapons charges”, according to media reports.

The hacker has now been sentenced to almost four years in prison and will be required to pay $860,000 in restitution payments to the victims of his attacks.

Handing down his sentence this week was Justice Michelle Fuerst, who called the hacker a “cyber terrorist” who was “motivated by his own greed” and whose actions were “planned, deliberate, and coldly calculated”, adding that they were “far from victimless crimes”.

Vasiliev’s lawyer said the hacker has acknowledged and accepted his role in the operations and the sentencing that accompanied them.

“Mikhail Vasiliev took responsibility for his actions, and that played out in today’s courtroom with the sentence that was imposed,” said lawyer Louis Strezos from outside the courthouse on Tuesday (12 March).

The legal ramifications of Vasiliev’s cyber crimes don’t end in Canada, with media reporting that the now former LockBit affiliate is facing several charges in the US.

He has agreed to be extradited to the US to face those charges, which include conspiracy to intentionally damage protected computers and transmit ransom demands. For these crimes, Vasiliev faces a maximum of five years in prison.

Vasiliev’s sentencing is just a cherry on top of the cake that is LockBit’s downfall after the group was taken down by law enforcement early this year.

Operation Cronos, an alliance of global law enforcement agencies led by the UK’s National Crime Agency, hit the threat group and took control of its site, slowly publishing its data as if to mirror a threat actor before taking the site offline.

“This site is now under the control of the National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos’,” the site said.

“We can confirm that LockBit’s services have been disrupted as a result of international law enforcement action – this is an ongoing and developing operation.”

The group was reportedly developing a new decryptor at the time of takedown, which would have evolved it from the already formidable LockBit 3.0 to an even more dangerous LockBit 4.0.

Despite the takedown, the gang is back and still conducting ransomware attacks as if nothing ever happened, having posted an attack on Australian retail software vendor GaP Solutions.

However, LockBit’s recovery is being questioned, with many believing that the takedown stunted the group reputationally, causing affiliates to leave and limiting its capabilities.

New reports suggest that many of LockBit’s big affiliates are looking for other ransomware gangs, with the Akira threat group being a key receiver of these cyber criminal refugees.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.