Security News > 2023 > February > U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
"Current members of the TrickBot group are associated with Russian Intelligence Services," the U.S. Treasury Department noted.
"The TrickBot group's preparations in 2020 aligned them to Russian state objectives and targeting previously conducted by Russian Intelligence Services."
The infamous malware-as-a-service platform, up until its formal closure early last year, served as a prominent vehicle for countless Ryuk and Conti ransomware attacks, with the latter eventually taking over control of the TrickBot criminal enterprise prior to its own shutdown in mid-2022.
"While Wizard Spider's operations have significantly reduced following the demise of Conti in June 2022, these sanctions will likely cause disruption to the adversary's operations while they look for ways to circumvent the sanctions," Adam Meyers, head of intelligence at CrowdStrike, said in a statement.
The efforts are also complicated as Russia has long offered a safe haven for criminal groups, enabling them to carry out attacks without facing any repercussions as long as the assaults don't single out domestic targets or its allies.
According to data from NCC Group, ransomware attacks witnessed a 5% decline in 2022, dropping from 2,667 the previous year to 2,531, even as victims are increasingly refusing to pay up, leading to a slump in illicit revenues.
News URL
https://thehackernews.com/2023/02/uk-and-us-sanction-7-russians-for.html
Related news
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks (source)
- AutoCanada says ransomware attack "may" impact employee data (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)