Russian ‘Evil Corp’ Group Hit With Sanctions After $100 Million in Ransomware Thefts

International law enforcement efforts have intensified against Evil Corp, a Russia-based cybercrime syndicate allegedly responsible for widespread financial theft and ransomware attacks.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the UK’s Foreign, Commonwealth & Development Office (FCDO), and Australia’s Department of Foreign Affairs and Trade (DFAT) jointly imposed sanctions on key members of the group last week. Simultaneously, the U.S. Department of Justice unsealed an indictment charging an Evil Corp member with deploying BitPaymer ransomware against victims in the United States.

Evil Corp is known for developing and distributing the Dridex malware, which has infected computers worldwide and harvested login credentials, leading to over $100 million stolen from hundreds of banks and financial institutions across more than 40 countries. The group’s activities are deeply rooted in Russia’s cybercrime landscape and have alleged connections to Russian state entities.

Corey Petty, a cybersecurity professional and the head of insights at digital-rights-focused investment firm Institute of Free Technology, told Decrypt that using cryptocurrency for ransom payments forms “the backbone of ransomware’s efficacy.”

“Blockchains are transparent and auditable, and once the transactions have been successfully incorporated into the chain, they are unchangeable,” he said, noting the perceived benefits of the technology. But there’s also a potentially significant downside for criminals.

“This gives anyone the ability to track the flow of funds,” he added.

An October 3 Chainalysis report examines the overlap between Evil Corp and the cybercriminal group LockBit. On-chain data indicates that ransomware strains associated with Evil Corp and cryptocurrency clusters linked to LockBit have used the same deposit addresses at centralized exchanges.

This suggests possible collaboration or shared infrastructure between the two groups, aligning with previous reports that Evil Corp has used LockBit to rebrand and distance itself from sanctioned entities.

The report also highlights that several members of Evil Corp are related, indicating close internal ties. Maksim Victorovich Yakubets, the leader of Evil Corp, has been noted by the U.S. Treasury Department for his alleged work with Russia’s Federal Security Service (FSB) and efforts to obtain a license to handle classified information.

Other designated individuals include his father, Viktor Yakubets, and father-in-law, Eduard Benderskiy, a former FSB officer. These connections suggest potential links between the cybercrime group and Russian state agencies.

The news follows a recent statement by Chainalysis Chief Marketing Officer Ian Andrews that “Russia has become an international force using cryptocurrency for everything from sanctions evasion to ransomware attacks.”

“Russia is just the loudest and possibly most pervasive in this space,” added Chainalysis Director of Intelligence Solutions, Valerie Kennedy.

Law enforcement agencies across multiple countries have taken coordinated actions to disrupt Evil Corp’s operations. Arrests and seizures have occurred in various nations, including the apprehension of a suspected LockBit developer by French authorities and the seizure of servers associated with LockBit’s ransomware infrastructure by Spanish officers.

Edited by Andrew Hayward

Adrian Zmudzinski

https://decrypt.co/284813/russian-evil-corp-sanctions-ransomware

2024-10-06 15:44:23
