The U.K.’s National Crime Agency has linked a long-standing affiliate of the LockBit ransomware group to the notorious Russia-backed Evil Corp, a cybercrime gang with links to the Russian government.
The NCA said on Tuesday that it had unmasked the LockBit affiliate, known as “Beverley,” as Russian national Aleksandr Ryzhenkov, who British authorities believe to be “second in command” at Evil Corp. This is the latest effort by U.K. and international law enforcement — dubbed Operation Cronos — aimed at disrupting the operations of LockBit, once one of the most prolific Russian ransomware gangs, and Evil Corp, one of Russia’s top cybercrime groups with known links to the Russian government.
Read more…
Source: TechCrunch News
Related:
- Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns
April 9, 2025
Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025. In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated ...
- Hackers to Target Elon Musk For a ‘Full Month’
April 8, 2025
A group of hackers that previously targeted President Donald Trump has pledged to take aim at Elon Musk for the next month. DonRoad Team, which previously claimed responsibility for taking down several Trump-associated websites, announced Monday it would begin hitting sites linked to Elon Musk. Elon Musk has increasing become a target of backlash as a result ...
- Attackers distributing a miner and the ClipBanker Trojan via SourceForge
April 8, 2025
Recently, Kaspersky researchers noticed a rather unique scheme for distributing malware that exploits SourceForge, a popular website providing software hosting, comparison, and distribution services. The site hosts numerous software projects, and anyone can upload theirs. One such project, officepackage, on the main website sourceforge. net, appears harmless enough, containing Microsoft Office add-ins copied from a legitimate ...
- 2025 Ransomware: Business as Usual, Business is Booming
April 8, 2025
Getting an edge on your adversaries involves understanding their behaviors and their mindset. Rapid7 Labs took a look at internal and publicly-available ransomware data for Q1 2025 and added our own insights to provide a picture of the year thus far—and what you can do now to reduce your attack surface against ransomware. The data highlights ...
- Kellogg’s leaks sensitive data after Clop attack
April 8, 2025
WK Kellogg, the company behind the Kellogg’s cereals, has been hit by a major data breach. Cybercriminals from the ransomware group Clop exploited a vulnerability in the software of an external supplier, stealing employees’ personal data. The data breach took place in December 2024, when data was stolen from the file transfer service Cleo. At the ...
- Musk cuts US cyber defences against Russia, increasing threats to UK
April 7, 2025
The Pentagon cyber unit that helps counter threats from Russia has had part of its funding cut. US Cyber Command (USCC), which is charged with defending US military networks, has been ordered to axe contract dealings with private-sector partners, and freeze recruitment. The shock move could have a major impact on Britain’s ability to defend itself ...