Russian ‘Evil Corp’ Group Hit With Sanctions After $100 Million in Ransomware Thefts

International law enforcement efforts have intensified against Evil Corp, a Russia-based cybercrime syndicate allegedly responsible for widespread financial theft and ransomware attacks.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the UK’s Foreign, Commonwealth & Development Office (FCDO), and Australia’s Department of Foreign Affairs and Trade (DFAT) jointly imposed sanctions on key members of the group last week. Simultaneously, the U.S. Department of Justice unsealed an indictment charging an Evil Corp member with deploying BitPaymer ransomware against victims in the United States.

Evil Corp is known for developing and distributing the Dridex malware, which has infected computers worldwide and harvested login credentials, leading to over $100 million stolen from hundreds of banks and financial institutions across more than 40 countries. The group’s activities are deeply rooted in Russia’s cybercrime landscape and have alleged connections to Russian state entities.

Corey Petty, a cybersecurity professional and the head of insights at digital-rights-focused investment firm Institute of Free Technology, told Decrypt that using cryptocurrency for ransom payments forms “the backbone of ransomware’s efficacy.”

“Blockchains are transparent and auditable, and once the transactions have been successfully incorporated into the chain, they are unchangeable,” he said, noting the perceived benefits of the technology. But there’s also a potentially significant downside for criminals.

“This gives anyone the ability to track the flow of funds,” he added.

An October 3 Chainalysis report examines the overlap between Evil Corp and the cybercriminal group LockBit. On-chain data indicates that ransomware strains associated with Evil Corp and cryptocurrency clusters linked to LockBit have used the same deposit addresses at centralized exchanges.

This suggests possible collaboration or shared infrastructure between the two groups, aligning with previous reports that Evil Corp has used LockBit to rebrand and distance itself from sanctioned entities.

The report also highlights that several members of Evil Corp are related, indicating close internal ties. Maksim Victorovich Yakubets, the leader of Evil Corp, has been noted by the U.S. Treasury Department for his alleged work with Russia’s Federal Security Service (FSB) and efforts to obtain a license to handle classified information.

Other designated individuals include his father, Viktor Yakubets, and father-in-law, Eduard Benderskiy, a former FSB officer. These connections suggest potential links between the cybercrime group and Russian state agencies.

The news follows Chainalysis Chief Marketing Officer Ian Andrews recently saying that “Russia has become an international force using cryptocurrency for everything from sanctions evasion to ransomware attacks.”

“Russia is just the loudest and possibly most pervasive in this space,” added Chainalysis Director of Intelligence Solutions, Valerie Kennedy.

Law enforcement agencies across multiple countries have taken coordinated actions to disrupt Evil Corp’s operations. Arrests and seizures have occurred in various nations, including the apprehension of a suspected LockBit developer by French authorities and the seizure of servers associated with LockBit’s ransomware infrastructure by Spanish officers.

Edited by Andrew Hayward

Adrian Zmudzinski

https://decrypt.co/284813/russian-evil-corp-sanctions-ransomware

2024-10-06 15:44:23
