Canadian man investigated since 2018 indicted for ransomware attacks

The malicious actor released ransomware targeting Canada and the U.S., including the State of Alaska

Canadian hacker indicted for multiple counts of fraudRansomware deployment puts the 31-year-old man from Canada in custody

The indictment got unsealed that lists the charges against 31-year-old Canadian Matthew Philbert that got investigated by the FBI and Justice Department for a few years.[1] Man got indicted for the involvement of various cyberattacks mainly focused on ransomware deployment.[2] Official from Canada Ontario Provincial Police had a press conference to announce the charges that were the reason for arrest in Ottawa.[3]

Philbert is responsible for numerous ransomware releases in networks belonging to businesses, government agencies, private individuals across Canada and in the United States. The attacker has conspired to damage computers, raise funds from victims and affect various systems and operations.

In 2018, the attacker managed to affect the computers belonging to the State of Alaska. The arrest was made on November 30, 2021, and Matthew Philbert remains in custody, as the statement[4] from U.S. attorney Bryan Wilson of The District of Alaska reads:

Today’s unsealed indictment is a great example of the importance of international partnerships to combat the evolving and growing threat of cybercrimes.

Targeting various businesses and individuals

Cybercriminals overall are looking for opportunities to make money, so targets can vary for them because various networks and individual devices can be vulnerable to such attacks. Philbert had been aiming at government institutions and businesses, as well as everyday user machines. On the list of charges, there are counts of conspiracy to commit fraud, other deception, and fraud activities related to computers. Police were able to seize laptops, hard drives, blank cards with magnetic stripes, Bitcoin seed phrases.

There are many opportunities to make money from ransomware attacks and other malicious activities. This is why threat actors are so motivated to target large organizations and businesses. However, ransomware can be deployed from anywhere and launched on various systems. Even though some of the experts and everyday people think that main hacker groups operate from Russia or China.

Threats can be launched from any place in the world, but investigations are upping their game too. Individuals who use such tactics can be prosecuted for these crimes because deploying ransomware, creating any computer viruses can be considered a crime, and people get prosecuted for it.

The previous arrest of the Canadian responsible for the ransomware attacks

Back in January of 2021 Canadian citizen got arrested in Florida.[5] The Department of Justice claimed that Sebastien Vachon-Desjardins was responsible for Netwalker ransomware[6] attacks and made around $27.6 million via those transactions of ransom payments. Canadian organizations fell victim:

  • Northwest Territories Power Corporation;
  • College of Nurses of Ontario;
  • Canadian tire store in B.C.

Global ransomware attacks have increased by 150% in the first six months of 2021 when compared to 2020. Businesses take precautionary measures and fear the possible ransomware attacks more and more after such incidents come to the public.

These malware attacks related to file-locking and ransom demands can become a major threat. 84% of organizations believe that such security incidents and supply chain attacks can become even more common and dangerous over the next years. The evolving remote workplaces create challenges for businesses in the security field. Organizations need to change the way they operate and ensure needed solutions.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. At the moment, he takes over as Editor-in-chief.

Contact Ugnius Kiguolis
About the company Esolutions