CyberSecurityBoard
Sponsor Register Login

LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort

The group, responsible for the development and distribution of the Dridex (aka Bugat) malware, has been previously observed deploying LockBit and other ransomware strains in 2022 in order to get around sanctions imposed against the group in December 2019, including key members Maksim Yakubets and Igor Turashev. In conjunction, authorities outed a Russian national named Aleksandr Ryzhenkov (aka Beverley, Corbyn_Dallas, G, Guester, and Kotosel) as one of the high-ranking members of the Evil Corp cybercrime group, while simultaneously painting him as a LockBit affiliate. A total of 16 individuals who were part of Evil Corp have been sanctioned by the U.K. Also tracked as Gold Drake and Indrik Spider, the infamous hacking crew has been active since 2014, targeting banks and financial institutions with the ultimate goal of stealing users' credentials and financial information in order to facilitate unauthorized fund transfers. A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. Ryzhenkov has been described by the U.K. National Crime Agency (NCA) as Yakubets' right-hand man, with the U.S. Department of Justice (DoJ) accusing him of deploying BitPaymer ransomware to target victims across the country since at least June 2017. This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who allegedly supported an affiliate, and an administrator of a bulletproof hosting service in Spain used by the ransomware group, Europol said in a statement. "The United States, in close coordination with our allies and partners, including through the Counter Ransomware Initiative, will continue to expose and disrupt the criminal networks that seek personal profit from the pain and suffering of their victims," said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence, Bradley T. "Ryzhenkov used the affiliate name Beverley, made over 60 LockBit ransomware builds and sought to extort at least $100 million from victims in ransom demands," officials said.

This Cyber News was published on thehackernews.com. Publication date: Thu, 03 Oct 2024 08:43:09 +0000


Cyber News related to LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort

Evil Corp hit with new sanctions, BitPaymer ransomware charges - "Eduard Benderskiy (Benderskiy), a former Spetnaz officer of the Russian Federal Security Service (FSB), which is designated under numerous OFAC sanctions authorities, current Russian businessman, and the father-in-law of Evil Corp's leader ...
6 months ago Bleepingcomputer.com
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate - Some members even collaborated with other crime groups, like LockBit, for technical tools.The NCA continues to track former Evil Corp members involved in ransomware activities. Further Evil Corp cyber criminals exposed following NCA investigation, ...
6 months ago Cybersecuritynews.com LockBit
More Evil Corp Actors Exposed, Including LockBit Affiliate - As part of Operation Cronos, an ongoing NCA-led international effort to disrupt Evil Corp, investigators discovered that Ryzhenkov had been involved in numerous LockBit ransomware attacks. Once a Moscow-based family financial crime group, Evil Corp ...
6 months ago Informationsecuritybuzz.com LockBit
LockBit Associates Arrested, Evil Corp Bigwig Outed - "The exposure of Evil Corp's ties to LockBit is a major blow to the ransomware affiliate market," said Ferhat Dikbiyik, head of research at Black Kite, in an emailed statement to Dark Reading. In addition, Aleksandr Ryzhenkov (aka ...
6 months ago Darkreading.com LockBit
Law enforcement agencies arrest 4 alleged LockBit members | TechTarget - Authorities arrested four suspected members of the LockBit ransomware gang during the third phase of the international law enforcement effort dubbed Operation Cronos. Operation Cronos' efforts to disrupt the LockBit ransomware gang continue as ...
6 months ago Techtarget.com LockBit
Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence | WIRED - On Tuesday, the United Kingdom's National Crime Agency released new details about the real world identities of alleged Evil Corp members, the group's connection to the LockBit platform, and the gang's ties to the Russian state. UK law ...
6 months ago Wired.com LockBit
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
1 year ago Darkreading.com LockBit Ragnar Locker
Evil Corp hit with new sanctions, BitPaymer ransomware charges - "Eduard Benderskiy (Benderskiy), a former Spetnaz officer of the Russian Federal Security Service (FSB), which is designated under numerous OFAC sanctions authorities, current Russian businessman, and the father-in-law of Evil Corp's leader ...
6 months ago Bleepingcomputer.com
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
1 year ago Americansecuritytoday.com LockBit
10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
1 month ago Cybersecuritynews.com
Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
6 months ago Bleepingcomputer.com LockBit
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed - Help Net Security - The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ...
6 months ago Helpnetsecurity.com LockBit
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
3 days ago Cybersecuritynews.com
Police arrested four new individuals linked to the LockBit ransomware operation - “Europol supported a new series of actions against LockBit actors, which involved 12 countries and Eurojust and led to four arrests and seizures of servers critical for LockBit’s infrastructure.” reads the press release published by ...
6 months ago Securityaffairs.com LockBit
LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort - The group, responsible for the development and distribution of the Dridex (aka Bugat) malware, has been previously observed deploying LockBit and other ransomware strains in 2022 in order to get around sanctions imposed against the group in December ...
6 months ago Thehackernews.com Indrik Spider LockBit
Police unmask Aleksandr Ryzhenkov as Evil Corp member and LockBit affiliate - Western authorities on Tuesday named Russian national Aleksandr Ryzhenkov as one of the main members of the Evil Corp cybercrime group, as well as identifying him as an affiliate of the LockBit group. At the same time as identifying Ryzhenkov as one ...
6 months ago Therecord.media LockBit
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
1 year ago Krebsonsecurity.com LockBit
Eduard Benderskiy: Western authorities link Russian intelligence officer to Evil Corp cybercrime empire - Eduard Benderskiy, a former high-ranking official within the Russian intelligence services, was named and sanctioned by Western law enforcement agencies on Tuesday in a paper describing him as a key enabler and protector for the Evil Corp cybercrime ...
6 months ago Therecord.media
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
1 year ago Heimdalsecurity.com LockBit
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
1 year ago Techrepublic.com LockBit
Authorities Unmasked LockBit Affiliate Evil Corp Key Member - In a separate development, the United States Department of Justice unsealed a 2023 indictment charging Ryzhenkov with using the BitPaymer ransomware variant to attack numerous victims in Texas and throughout the United States. The United ...
6 months ago Cybersecuritynews.com LockBit
Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court | The Record from Recorded Future News - Since December, Justice Department officials have sought Panev’s extradition after a criminal complaint was unsealed last year accusing him of acting as a developer of the LockBit ransomware from 2019 to at least February 2024. The dual ...
3 weeks ago Therecord.media LockBit
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
10 months ago Bleepingcomputer.com LockBit Inc ransom Black Basta
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
1 year ago Techtarget.com CVE-2024-1708 CVE-2024-1709 LockBit
LockBit Ransomware Affiliate Sentenced to Prison in Canada - A Russian-Canadian national was sentenced to nearly four years in prison in Canada for his role in the LockBit ransomware operation. The man, Mikhail Vasiliev, 34, was arrested in October 2022 in his home in Bradford, Ontario. In February 2024, he ...
1 year ago Securityweek.com LockBit

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)