Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

A Romanian man, Daniel Christian Hulea, has been sentenced to 20 years in prison following his pivotal involvement in the notorious NetWalker ransomware attacks. Hulea, 30, entered a guilty plea to charges of computer and wire fraud conspiracy on June 20 after admitting to extorting around $21.5 million in bitcoin from targeted organizations, notably including healthcare providers during the COVID-19 pandemic. According to the U.S. Department of Justice, Hulea has been ordered to forfeit $21.5 million, along with his interests in a luxury resort project in Bali, Indonesia, which was funded by proceeds from these cyberattacks. He is also required to pay nearly $15 million in restitution. Hulea's arrest took place in Cluj, Romania, on July 11, 2023, leading to his extradition to the United States under the existing U.S.-Romania extradition treaty.

NetWalker Ransomware's Reach and Impact Initiated in 2019, the NetWalker ransomware group operated through a Ransomware-as-a-Service (RaaS) model, affecting a vast array of victims. Among those impacted were significant entities such as Pakistan's largest private power company, K-Electric, Argentina’s immigration agency, Dirección Nacional de Migraciones, and the University of California San Francisco (UCSF), which paid a $1.14 million ransom for data recovery. By August 2020, the FBI had issued alerts concerning NetWalker's threats to U.S. and international government organizations. The ransomware attacks increasingly took advantage of the global health crisis to impose pressure on the healthcare sector.

International Crackdown on Cybercrime In addition to Hulea, charges have been filed against Canadian national Sebastien Vachon-Desjardins in connection with the NetWalker operations. U.S. authorities seized over $454,000 in cryptocurrency traced to his criminal activities, with Vachon-Desjardins suspected of personally gaining upwards of $27 million. The joint law enforcement efforts in January 2021 between U.S. and European authorities witnessed the shutdown of the dark web platforms used by NetWalker, highlighting a concerted international effort to combat this form of sophisticated cybercrime. The U.S. Department of Justice emphasizes that NetWalker ransomware has wreaked havoc on multiple sectors, including municipalities, companies, educational institutions, and law enforcement agencies. The pandemic period accentuated the vulnerability of healthcare infrastructures, exploited significantly by these orchestrated malicious activities.