{
	"id": "6a5084e5-6a52-48ad-afe9-4312efca0200",
	"created_at": "2026-04-06T00:13:22.907066Z",
	"updated_at": "2026-04-10T03:21:44.46701Z",
	"deleted_at": null,
	"sha1_hash": "cf869046db6eef90047581277eb839e05fb04b41",
	"title": "NetWalker ransomware affiliate sentenced to 80 months in prison",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 834631,
	"plain_text": "NetWalker ransomware affiliate sentenced to 80 months in prison\r\nBy Sergiu Gatlan\r\nPublished: 2022-02-08 · Archived: 2026-04-05 13:10:04 UTC\r\nImage: Ye Jinghan\r\nSebastien Vachon-Desjardins, a Canadian man charged in Canada for his involvement in NetWalker ransomware attacks,\r\nwas sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to\r\nattacks on 17 Canadian victims.\r\nOn Monday, the judge said that, although Desjardins cooperated with the authorities to help identify victims and their losses,\r\nhe still \"played a dominant, almost exclusive, role in these offenses,\" aggravated by an unrelated drug trafficking criminal\r\nrecord and a prior sentence of 54 months imprisonment in Quebec.\r\nhttps://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nThe FBI discovered Desjardins's true identity after linking email accounts (Microsoft, Gmail, and Protonmail) he used to\r\nregister accounts on XSS.is and HackForums with online activity (searches and emails) with various online services\r\n(including MEGA and ZoomInfo) he used to upload files stolen from victims' networks and find financial info on his\r\nvictims.\r\nHe also made it easier by sharing personal information on public forums, including that he worked as an IT technician for\r\nthe Canadian government (Public Works and Government Services Canada) for more than four years.\r\nTens of millions in losses\r\nThe attacks Desjardins participated in resulted in losses of millions of dollars after the victims had data stolen from their\r\nnetworks and were extorted into paying millions worth of cryptocurrency as ransoms.\r\n\"Between May 2020 and January 2021, the Defendant victimized 17 Canadian entities and others throughout the world by\r\nbreaching private computer networks and systems, hi-jacking their data, holding the stolen data for ransom, and distributing\r\nstolen data when ransoms were not paid,\" the judge added.\r\nThe US Department of Justice said in January 2021 that Desjardins allegedly obtained more than $27.6 million after\r\nmultiple successful attacks and extortion attempts since April 2020, when he first took up his new ransomware affiliate role.\r\n\"The Defendant admitted to investigators that over 1,200 Bitcoins related to his NetWalker malware activities passed\r\nthrough his e-wallet and were shared with his unindicted co-conspirators and the developer of the NetWalker ransomware,\"\r\nthe judge said on Monday.\r\n\"As well, the Defendant admits that his entire ransomware activities involved over 2000 Bitcoins. The [Royal Canadian\r\nMounted Police] RCMP seized slightly less than 720 Bitcoins from the Defendant’s e-wallets and accounts.\"\r\nBesides the 719.99591411 BTC seized from the Desjardins' BTC wallet in January 2021, according to a restraining order\r\nfiled in January 2022, the police also seized 15.725489349111 XMR from a Monero wallet, CAD $299,150 from his\r\nresidence, and over CAD $330,000 from several deposit boxes at National Bank of Canada held in his name.\r\nAfter searching his home, law enforcement also seized many devices containing approximately 20 TB of data that, \"if\r\nprinted, would fill an entire hockey arena.\"\r\nNetwalker ransomware operation sites seized\r\nOn January 27, 2021, when the US DOJ charged Desjardins, law enforcement from the USA and Bulgaria also seized dark\r\nwebsites associated with the Netwalker ransomware operation, including their Tor payment and data leak sites.\r\nThe seizure was the result of a joint investigation conducted by the FBI, the US DOJ, the Bulgarian National Investigation\r\nService, and Bulgaria's General Directorate Combating Organized Crime.\r\nNetwalker was a Ransomware-as-a-Service (RaaS) operation that surfaced in late 2019, enlisting affiliates to deploy the\r\nransomware in return for a 60-75% share of all ransom payments.\r\nThis ransomware operation was immensely profitable for all the threat actors involved, seeing that an August 2020 report\r\nestimated that they collected $25 million from victims within just five months.\r\nSome of the high-profile victims Netwalker targeted over the years include the Enel Group, Equinix, the University of\r\nCalifornia San Francisco (UCSF), the Argentian immigration agency, and K-Electric.\r\nHowever, Netwalker affiliates were never picky. They also attacked and attempted to extort other private and public\r\norganizations, including hospitals, law enforcement organizations, emergency services, municipalities, school districts,\r\ncolleges, and universities.\r\nhttps://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/\r\nhttps://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/"
	],
	"report_names": [
		"netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison"
	],
	"threat_actors": [],
	"ts_created_at": 1775434402,
	"ts_updated_at": 1775791304,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/cf869046db6eef90047581277eb839e05fb04b41.pdf",
		"text": "https://archive.orkl.eu/cf869046db6eef90047581277eb839e05fb04b41.txt",
		"img": "https://archive.orkl.eu/cf869046db6eef90047581277eb839e05fb04b41.jpg"
	}
}