From Phishing to Prison: 2-Year Sentence for Ransomware Rampage

A Canadian court has sentenced 33-year-old Matthew Philbert to two years in prison after he pleaded guilty to disseminating ransomware and launching malicious attacks on individuals, businesses, and government institutions. Philbert, arrested in Canada in 2021, admitted to fraud and unauthorized computer access. Investigators found over 1,100 victims of his illegal activities.

In the sentencing at the Ontario Court, prosecutors highlighted the financial damages caused by Philbert’s attacks, including a case where over $10,000 was stolen from a family business. His targets included three Canadian police departments and the Ronald McDonald House Charities in Halifax, Nova Scotia.

Philbert, an Ottawa resident, was apprehended following a joint investigation by the Ontario police and the FBI in Anchorage, Alaska. He also faced separate charges in the United States for attempting unauthorized damage to a protected computer belonging to the State of Alaska in 2018, compromising employees’ medical data.

Philbert’s preferred method of attack involved phishing emails with documents appearing as resumes but containing malware, giving him full control of the victim’s computer. The identities of Philbert’s numerous accomplices remain unknown, but ongoing investigations are being conducted by both American and Canadian law enforcement.