Security News > 2023 > February > U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
"Current members of the TrickBot group are associated with Russian Intelligence Services," the U.S. Treasury Department noted.
"The TrickBot group's preparations in 2020 aligned them to Russian state objectives and targeting previously conducted by Russian Intelligence Services."
The infamous malware-as-a-service platform, up until its formal closure early last year, served as a prominent vehicle for countless Ryuk and Conti ransomware attacks, with the latter eventually taking over control of the TrickBot criminal enterprise prior to its own shutdown in mid-2022.
"While Wizard Spider's operations have significantly reduced following the demise of Conti in June 2022, these sanctions will likely cause disruption to the adversary's operations while they look for ways to circumvent the sanctions," Adam Meyers, head of intelligence at CrowdStrike, said in a statement.
The efforts are also complicated as Russia has long offered a safe haven for criminal groups, enabling them to carry out attacks without facing any repercussions as long as the assaults don't single out domestic targets or its allies.
According to data from NCC Group, ransomware attacks witnessed a 5% decline in 2022, dropping from 2,667 the previous year to 2,531, even as victims are increasingly refusing to pay up, leading to a slump in illicit revenues.
News URL
https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html
Related news
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)
- Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant (source)