Security News > 2023 > February > U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks

U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
2023-02-10 09:34

"Current members of the TrickBot group are associated with Russian Intelligence Services," the U.S. Treasury Department noted.

"The TrickBot group's preparations in 2020 aligned them to Russian state objectives and targeting previously conducted by Russian Intelligence Services."

The infamous malware-as-a-service platform, up until its formal closure early last year, served as a prominent vehicle for countless Ryuk and Conti ransomware attacks, with the latter eventually taking over control of the TrickBot criminal enterprise prior to its own shutdown in mid-2022.

"While Wizard Spider's operations have significantly reduced following the demise of Conti in June 2022, these sanctions will likely cause disruption to the adversary's operations while they look for ways to circumvent the sanctions," Adam Meyers, head of intelligence at CrowdStrike, said in a statement.

The efforts are also complicated as Russia has long offered a safe haven for criminal groups, enabling them to carry out attacks without facing any repercussions as long as the assaults don't single out domestic targets or its allies.

According to data from NCC Group, ransomware attacks witnessed a 5% decline in 2022, dropping from 2,667 the previous year to 2,531, even as victims are increasingly refusing to pay up, leading to a slump in illicit revenues.


News URL

https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html