The U.K.’s National Crime Agency has linked a long-standing affiliate of the LockBit ransomware group to the notorious Russia-backed Evil Corp, a cybercrime gang with links to the Russian government.
The NCA said on Tuesday that it had unmasked the LockBit affiliate, known as “Beverley,” as Russian national Aleksandr Ryzhenkov, who British authorities believe to be “second in command” at Evil Corp. This is the latest effort by U.K. and international law enforcement — dubbed Operation Cronos — aimed at disrupting the operations of LockBit, once one of the most prolific Russian ransomware gangs, and Evil Corp, one of Russia’s top cybercrime groups with known links to the Russian government.
Read more…
Source: TechCrunch News
Related:
- Goznym Malware: Cybercriminal Network Dismantled In International Operation
May 16, 2019
An unprecedented, international law enforcement operation has dismantled a complex, globally operating and organised cybercrime network. The criminal network used GozNym malware in an attempt to steal an estimated $100 million from more than 41 000 victims, primarily businesses and their financial institutions. A criminal Indictment returned by a federal grand jury in Pittsburgh, USA charges ...
- Spam and phishing in Q1 2019
May 15, 2019
As per tradition, phishing timed to coincide with lovey-dovey day was aimed at swindling valuable confidential information out of starry-eyed users, such as bank card details. The topics exploited by cybercriminals ranged from online flower shops to dating sites. But most often, users were invited to order gifts for loved ones and buy medications such as ...
- Lax Telco Security Allows Mobile Phone Hijacking and Redirects
May 9, 2019
As anyone who has called into a bank or utility provider lately knows, security for customer service routines – the prescribed ways in which support reps verify the identity of customers that call in – are being continually upgraded. Two-factor authentication, voice passwords, various security questions (“what was the name of your first pet,” for ...
- FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
May 8, 2019
On August 1, 2018, the US Department of Justice announced that it had arrested several individuals suspected of having ties to the FIN7 cybercrime rig. FIN7 operations are linked to numerous intrusion attempts having targeted hundreds of companies since at least as early as 2015. Interestingly, this threat actor created fake companies in order to ...
- Surge of MegaCortex ransomware attacks detected
May 6, 2019
UK cyber-security firm Sophos reported detecting a spike in ransomware attacks at the end of last week from a new strain named MegaCortex. Sophos said the ransomware appears to have been designed to target large enterprise networks as part of carefully planned targeted intrusions –in a tactic that is known as “big-game hunting.” The modus operandi is ...
- Mysterious hacker has been selling Windows 0-days to APT groups for three years
May 1, 2019
For the past three years, a mysterious hacker has been selling Windows zero-days to at least three cyber-espionage groups, as well as cyber-crime gangs, researchers from Kaspersky Lab have told ZDNet. The hacker’s activity reinforces recent assessments that some government-backed cyber-espionage groups –also known as APTs (advanced persistent threats)– will regularly buy zero-day exploits from third-party entities, ...