WASHINGTON, November 9. /TASS/. The US Federal Bureau of Investigation (FBI) has put on a wanted list Russian national Yevgeniy Polyanin on charges of cybercrimes, according to a statement on the FBI website.
"Polyanin is believed to be in Russia, possibly in Barnaul, and is one of many Sodinokibi/REvil ransomware affiliates," the statement reads.
The US Department of the Treasury announced earlier that the United States imposed sanctions against Russian national Yevgeniy Polyanin and Ukrainian citizen Yaroslav Vasinskyi on charges of their involvement in cybercrimes against American companies and illegal manipulations with crypto currencies. According to the department, Polyanin and Vasinskyi were part of a hackers group, REvil, which is also known as Sodinokibi.
The statement from the FBI reads that "…Polyanin is wanted for his alleged involvement in ransomware attacks and money laundering activities. It is alleged that, through the use and deployment of Sodinokibi and REvil ransomware, Polyanin left electronic notes in the form of a text file on victims’ computers."
"The notes included web addresses for the victims to visit and have their files decrypted. Upon visiting these web addresses, victims were given the ransom amount demanded and provided a virtual currency address to use to pay the ransom," according to the statement.
"If a victim paid the ransom amount, Polyanin provided the decryption key, and the victims then were able to access their files. If a victim did not pay the ransom, Polyanin typically posted the victims’ exfiltrated data or claimed he sold the exfiltrated data to third parties," the statement added.
The US Treasury Department stated earlier that Polyanin and Vasinskyi "are part of a cybercriminal group that has engaged in ransomware activities and received more than $200 million in ransom payments paid in Bitcoin and Monero.".