Security News > 2023 > February > U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks

"Current members of the TrickBot group are associated with Russian Intelligence Services," the U.S. Treasury Department noted.
"The TrickBot group's preparations in 2020 aligned them to Russian state objectives and targeting previously conducted by Russian Intelligence Services."
The infamous malware-as-a-service platform, up until its formal closure early last year, served as a prominent vehicle for countless Ryuk and Conti ransomware attacks, with the latter eventually taking over control of the TrickBot criminal enterprise prior to its own shutdown in mid-2022.
"While Wizard Spider's operations have significantly reduced following the demise of Conti in June 2022, these sanctions will likely cause disruption to the adversary's operations while they look for ways to circumvent the sanctions," Adam Meyers, head of intelligence at CrowdStrike, said in a statement.
The efforts are also complicated as Russia has long offered a safe haven for criminal groups, enabling them to carry out attacks without facing any repercussions as long as the assaults don't single out domestic targets or its allies.
According to data from NCC Group, ransomware attacks witnessed a 5% decline in 2022, dropping from 2,667 the previous year to 2,531, even as victims are increasingly refusing to pay up, leading to a slump in illicit revenues.
News URL
https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- BadPilot network hacking campaign fuels Russian SandWorm attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)