Russian pro basketball player arrested for alleged role in ransomware attacks

Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States for allegedly acting as a negotiator for a ransomware gang.

Daniil Kasatkin is a Russian basketball player who briefly played NCAA basketball at Penn State before returning to Russia in 2019. In four seasons with MBA-MAI, he appeared in 172 games before he left the team.

According to French media, Kasatkin was arrested at Paris’s Charles de Gaulle airport on June 21st after landing in France with his fiancée.

The arrest was made as part of a United States international arrest warrant for his role as an alleged negotiator for a ransomware gang.

Kasatkin is now in custody while the US seeks to have him extradited to face charges of “conspiracy to commit computer fraud” and “computer fraud conspiracy.”

His lawyer alleges that Kasatkin is not guilty of these crimes and that they are instead linked to a second-hand computer that he purchased.

“He bought a second-hand computer. He did absolutely nothing. He’s stunned,” his lawyer, Frédéric Bélot, told the media.

“He’s useless with computers and can’t even install an application. He didn’t touch anything on the computer: it was either hacked, or the hacker sold it to him to act under the cover of another person.”

While the name of the ransomware gang was not disclosed, it is reported to have been behind attacks on more than 900 companies, including two federal agencies, between 2020 and 2022.

This description closely matches similar language used by the Department of Justice to refer to the notorious Conti ransomware gang, which emerged as a successor to Ryuk in 2020 and shut down in 2022, following a data breach.

However, it was not previously reported that Conti breached any federal agencies, though they are linked to attacks on state governments.

Last month, French police also arrested four alleged operators of the BreachForums hacking forum, including threat actors using the aliases IntelBroker and ShinyHunters.
