Security News > 2021 > November > U.S. Charges Ukrainian Hacker for Kaseya Attack; Seizes $6 Million from REvil Gang
The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack down on the cybercrime group and curb further attacks.
In another major development, the Justice Department disclosed the seizure of $6.1 million in alleged ransomware payments received by Russian national Yevgeniy Polyanin, who is currently at large and has been accused of conducting REvil ransomware attacks against multiple businesses and government entities in Texas dating back to August 16, 2019.
The latest development comes amid a flurry of law enforcement activity orchestrated by Europol under Operation GoldDust, which resulted in the arrests of six other REvil ransomware affiliates besides Vasinskyi across Romania, Kuwait, and South Korea.
The REvil ransomware gang is believed to have netted more than $200 million since it started operations and globally encrypted at least 175,000 computers.
Coinciding with the arrests, the U.S. government also announced it's offering a reward of up to $10 million for information leading to the identification or location of key leaders behind the REvil ransomware, in addition to paying out up to $5 million for information leading to the arrest or conviction of individuals, located in any country, participating in REvil ransomware attacks.
The U.S. Treasury Department imposed sanctions against Chatex, a virtual currency exchange, for "Facilitating financial transactions for ransomware actors," following a similar designation against Russian cryptocurrency exchange SUEX in September 2021.
News URL
https://thehackernews.com/2021/11/us-charges-ukrainian-hacker-for-kaseya.html
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)