Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence | WIRED

On Tuesday, the United Kingdom's National Crime Agency released new details about the real world identities of alleged Evil Corp members, the group's connection to the LockBit platform, and the gang's ties to the Russian state. UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence. But NCA officials emphasize that Evil Corp is an unusual example of a gang that has direct relationships with multiple Russian intelligence agencies—including Russia's Federal Security Service, or FSB; Foreign Intelligence Service, or SVR; and military intelligence agency known as the GRU. Unlike many Russian cybercrime groups that have evolved a distributed leadership structure online, NCA officials say that Evil Corp is organized like a more traditional crime syndicate around Yakubets' family and friends. Officials say that Maksim Yakubets has always been the primary liaison between Evil Corp and Russian intelligence. NCA officials say that after the US's 2019 sanctions and indictments against Evil Corp members, Benderskiy worked to protect the gang's senior members within Russia. But in a crowded field of prolific Russian cybercriminals, Evil Corp is most notable for its singular relationship with Russian intelligence. International law enforcement has worked for years to disrupt the cybercriminal gang Evil Corp and its egregious global crime spree. The group has extorted at least $300 million from victims on tops of its other spoils, and the United States Department of State is offering a $5 million reward for information leading to the arrest of the gang's alleged leader, Maksim Yakubets. For more than a decade, Evil Corp has used its Dridex malware and other hacking tools to compromise thousands of bank accounts around the world and steal funds.

This Cyber News was published on www.wired.com. Publication date: Tue, 01 Oct 2024 17:13:05 +0000


Cyber News related to Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence | WIRED

Evil Corp hit with new sanctions, BitPaymer ransomware charges - "Eduard Benderskiy (Benderskiy), a former Spetnaz officer of the Russian Federal Security Service (FSB), which is designated under numerous OFAC sanctions authorities, current Russian businessman, and the father-in-law of Evil Corp's leader ...
1 week ago Bleepingcomputer.com
Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence | WIRED - On Tuesday, the United Kingdom's National Crime Agency released new details about the real world identities of alleged Evil Corp members, the group's connection to the LockBit platform, and the gang's ties to the Russian state. UK law ...
1 week ago Wired.com
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate - Some members even collaborated with other crime groups, like LockBit, for technical tools.The NCA continues to track former Evil Corp members involved in ransomware activities. Further Evil Corp cyber criminals exposed following NCA investigation, ...
1 week ago Cybersecuritynews.com
More Evil Corp Actors Exposed, Including LockBit Affiliate - As part of Operation Cronos, an ongoing NCA-led international effort to disrupt Evil Corp, investigators discovered that Ryzhenkov had been involved in numerous LockBit ransomware attacks. Once a Moscow-based family financial crime group, Evil Corp ...
1 week ago Informationsecuritybuzz.com
Evil Corp hit with new sanctions, BitPaymer ransomware charges - "Eduard Benderskiy (Benderskiy), a former Spetnaz officer of the Russian Federal Security Service (FSB), which is designated under numerous OFAC sanctions authorities, current Russian businessman, and the father-in-law of Evil Corp's leader ...
1 week ago Bleepingcomputer.com
Eduard Benderskiy: Western authorities link Russian intelligence officer to Evil Corp cybercrime empire - Eduard Benderskiy, a former high-ranking official within the Russian intelligence services, was named and sanctioned by Western law enforcement agencies on Tuesday in a paper describing him as a key enabler and protector for the Evil Corp cybercrime ...
1 week ago Therecord.media
LockBit Associates Arrested, Evil Corp Bigwig Outed - "The exposure of Evil Corp's ties to LockBit is a major blow to the ransomware affiliate market," said Ferhat Dikbiyik, head of research at Black Kite, in an emailed statement to Dark Reading. In addition, Aleksandr Ryzhenkov (aka ...
1 week ago Darkreading.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
10 months ago Bleepingcomputer.com
NATO Draws a Cyber Red Line in Tensions With Russia - There has long been a military red line that NATO says Russia must not cross. Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks. This is clearly a strong and ...
5 months ago Securityweek.com
NATO Draws a Cyber Red Line in Tensions With Russia - There has long been a military red line that NATO says Russia must not cross. Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks. This is clearly a strong and ...
5 months ago Packetstormsecurity.com
Russia Cyber attack on Nato countries and ransomware attack on UMC Health System - Cybersecurity Insiders - The activities of Evil Corp and the ransomware attack on UMC Health System highlight the growing and evolving threats in the cyber landscape. The notorious Russian state-funded cyber threat group known as Evil Corp has recently made headlines for its ...
1 week ago Cybersecurity-insiders.com
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed - Help Net Security - The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ...
1 week ago Helpnetsecurity.com
Police unmask Aleksandr Ryzhenkov as Evil Corp member and LockBit affiliate - Western authorities on Tuesday named Russian national Aleksandr Ryzhenkov as one of the main members of the Evil Corp cybercrime group, as well as identifying him as an affiliate of the LockBit group. At the same time as identifying Ryzhenkov as one ...
1 week ago Therecord.media
New Report From Flare Highlights Pervasive Threat of Initial Access Brokers in NATO Countries - PRESS RELEASE. Montreal, Quebec, Canada - February 6, 2024 - Flare, the leading Continuous Threat Exposure Management solution provider, has released a new report that explores and analyzes the cyber threat landscape and threats to NATO countries ...
8 months ago Darkreading.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
FSB arrests Russian hackers working for Ukrainian cyber forces - The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Both suspects were taken into custody one same day in two different ...
10 months ago Bleepingcomputer.com
CISA: Russian hackers target TeamCity servers since September - CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service has been targeting unpatched TeamCity servers in widespread attacks since September 2023. APT29 is ...
10 months ago Bleepingcomputer.com
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
8 months ago Bleepingcomputer.com
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
8 months ago Bleepingcomputer.com
HPE: Russian hackers breached its security team's email accounts - Hewlett Packard Enterprise disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. Midnight ...
8 months ago Bleepingcomputer.com
Authorities Unmasked LockBit Affiliate Evil Corp Key Member - In a separate development, the United States Department of Justice unsealed a 2023 indictment charging Ryzhenkov with using the BitPaymer ransomware variant to attack numerous victims in Texas and throughout the United States. The United ...
1 week ago Cybersecuritynews.com
Poland says Russian military hackers target its govt networks - Poland says a state-backed threat group linked to Russia's military intelligence service has been targeting Polish government institutions throughout the week. According to evidence found by CSIRT MON, the country's Computer Security Incident ...
5 months ago Bleepingcomputer.com
Ukrainian military says it hacked Russia's federal tax agency - The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, ...
10 months ago Bleepingcomputer.com
Russian military hackers target Ukraine with new MASEPIE malware - Ukraine's Computer Emergency Response Team is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour. APT28, aka Fancy Bear or Strontium, is a Russian state-sponsored ...
9 months ago Bleepingcomputer.com
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies - After Sandworm and APT28, another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. APT29 is tracked under different names and has been targeting embassy entities with a BMW car ...
10 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)