CyberSecurityBoard
Sponsor Register Login

LockBit Associates Arrested, Evil Corp Bigwig Outed

"The exposure of Evil Corp's ties to LockBit is a major blow to the ransomware affiliate market," said Ferhat Dikbiyik, head of research at Black Kite, in an emailed statement to Dark Reading. In addition, Aleksandr Ryzhenkov (aka Beverley), who was once second-in-command for the infamous Evil Corp cybercrime organization, was sanctioned and named as an affiliate for LockBit, indicating ties between the two groups. A global operation cuffed four LockBit suspects and offered more details into the org chart of Russia's infamous Evil Corp cybercrime gang. Russia-based Evil Corp, the outfit behind the Zeus and Dridex banking Trojans, largely disappeared from the cybercrime scene following US sanctions in 2019, which included the outing of Yakubets, his relationship with an FSB agent who is his father-in-law, and the exposure of Evil Corp's inner workings. In another phase of Operation Cronos, Europol and Eurojust have taken more action against the LockBit ransomware gang by making four arrests and seizing devices used as part of the ransomware's infrastructure. However, the Japanese Police, National Crime Agency, and FBI are focusing their expertise on developing decryption tools to recover files encrypted and lost to LockBit ransomware, according to Europol. The arrests were of a suspected developer for the group in France; two LockBit affiliates apprehended by the British authorities; and a bulletproof hosting service administrator cuffed by Spanish police, which also confiscated nine servers. Meanwhile, the US, the UK, and Australia imposed sanctions against Ryzhenkov, who the UK's National Crime Agency identified as a top lieutenant to Evil Corp leader Maxim Yakubets. LockBit ransomware has been deployed across a variety of sectors, including financial service, food and agriculture, education, energy, government and emergency services, and healthcare, among others. Copyright © 2024 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG. According to the NCA, Ryzhenkov was key to the development of Evil Corp's post-sanctions WastedLocker ransomware, which was a ransomware-as-a-service (RaaS) offering circulating in 2020. Meanwhile, LockBit has denied having any working relationship with Evil Corp.

This Cyber News was published on www.darkreading.com. Publication date: Tue, 01 Oct 2024 20:35:11 +0000


Cyber News related to LockBit Associates Arrested, Evil Corp Bigwig Outed

Evil Corp hit with new sanctions, BitPaymer ransomware charges - "Eduard Benderskiy (Benderskiy), a former Spetnaz officer of the Russian Federal Security Service (FSB), which is designated under numerous OFAC sanctions authorities, current Russian businessman, and the father-in-law of Evil Corp's leader ...
1 month ago Bleepingcomputer.com
LockBit Associates Arrested, Evil Corp Bigwig Outed - "The exposure of Evil Corp's ties to LockBit is a major blow to the ransomware affiliate market," said Ferhat Dikbiyik, head of research at Black Kite, in an emailed statement to Dark Reading. In addition, Aleksandr Ryzhenkov (aka ...
1 month ago Darkreading.com
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate - Some members even collaborated with other crime groups, like LockBit, for technical tools.The NCA continues to track former Evil Corp members involved in ransomware activities. Further Evil Corp cyber criminals exposed following NCA investigation, ...
1 month ago Cybersecuritynews.com
More Evil Corp Actors Exposed, Including LockBit Affiliate - As part of Operation Cronos, an ongoing NCA-led international effort to disrupt Evil Corp, investigators discovered that Ryzhenkov had been involved in numerous LockBit ransomware attacks. Once a Moscow-based family financial crime group, Evil Corp ...
1 month ago Informationsecuritybuzz.com
Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence | WIRED - On Tuesday, the United Kingdom's National Crime Agency released new details about the real world identities of alleged Evil Corp members, the group's connection to the LockBit platform, and the gang's ties to the Russian state. UK law ...
1 month ago Wired.com
Evil Corp hit with new sanctions, BitPaymer ransomware charges - "Eduard Benderskiy (Benderskiy), a former Spetnaz officer of the Russian Federal Security Service (FSB), which is designated under numerous OFAC sanctions authorities, current Russian businessman, and the father-in-law of Evil Corp's leader ...
1 month ago Bleepingcomputer.com
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed - Help Net Security - The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ...
1 month ago Helpnetsecurity.com
Law enforcement agencies arrest 4 alleged LockBit members | TechTarget - Authorities arrested four suspected members of the LockBit ransomware gang during the third phase of the international law enforcement effort dubbed Operation Cronos. Operation Cronos' efforts to disrupt the LockBit ransomware gang continue as ...
1 month ago Techtarget.com
Police arrested four new individuals linked to the LockBit ransomware operation - “Europol supported a new series of actions against LockBit actors, which involved 12 countries and Eurojust and led to four arrests and seizures of servers critical for LockBit’s infrastructure.” reads the press release published by ...
1 month ago Securityaffairs.com
Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
1 month ago Bleepingcomputer.com
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
8 months ago Darkreading.com
Police unmask Aleksandr Ryzhenkov as Evil Corp member and LockBit affiliate - Western authorities on Tuesday named Russian national Aleksandr Ryzhenkov as one of the main members of the Evil Corp cybercrime group, as well as identifying him as an affiliate of the LockBit group. At the same time as identifying Ryzhenkov as one ...
1 month ago Therecord.media
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
9 months ago Americansecuritytoday.com
Eduard Benderskiy: Western authorities link Russian intelligence officer to Evil Corp cybercrime empire - Eduard Benderskiy, a former high-ranking official within the Russian intelligence services, was named and sanctioned by Western law enforcement agencies on Tuesday in a paper describing him as a key enabler and protector for the Evil Corp cybercrime ...
1 month ago Therecord.media
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
9 months ago Krebsonsecurity.com
LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort - The group, responsible for the development and distribution of the Dridex (aka Bugat) malware, has been previously observed deploying LockBit and other ransomware strains in 2022 in order to get around sanctions imposed against the group in December ...
1 month ago Thehackernews.com
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
11 months ago Heimdalsecurity.com
Authorities Unmasked LockBit Affiliate Evil Corp Key Member - In a separate development, the United States Department of Justice unsealed a 2023 indictment charging Ryzhenkov with using the BitPaymer ransomware variant to attack numerous victims in Texas and throughout the United States. The United ...
1 month ago Cybersecuritynews.com
LockBit Ransomware Affiliate Sentenced to Prison in Canada - A Russian-Canadian national was sentenced to nearly four years in prison in Canada for his role in the LockBit ransomware operation. The man, Mikhail Vasiliev, 34, was arrested in October 2022 in his home in Bradford, Ontario. In February 2024, he ...
8 months ago Securityweek.com
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
8 months ago Techtarget.com
Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
4 months ago Jdsupra.com
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
1 year ago Securityaffairs.com
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
9 months ago Techrepublic.com
LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
4 months ago Techtarget.com
Russia Cyber attack on Nato countries and ransomware attack on UMC Health System - Cybersecurity Insiders - The activities of Evil Corp and the ransomware attack on UMC Health System highlight the growing and evolving threats in the cyber landscape. The notorious Russian state-funded cyber threat group known as Evil Corp has recently made headlines for its ...
1 month ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)