Security News
The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack down on the cybercrime group and curb further attacks. In another major development, the Justice Department disclosed the seizure of $6.1 million in alleged ransomware payments received by Russian national Yevgeniy Polyanin, who is currently at large and has been accused of conducting REvil ransomware attacks against multiple businesses and government entities in Texas dating back to August 16, 2019.
The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack down on the cybercrime group and curb further attacks. In another major development, the Justice Department disclosed the seizure of $6.1 million in alleged ransomware payments received by Russian national Yevgeniy Polyanin, who is currently at large and has been accused of conducting REvil ransomware attacks against multiple businesses and government entities in Texas dating back to August 16, 2019.
In a major ransomware bust US and European authorities on Monday announced separate but related indictments and arrests linked to extortionware attacks on IT service provider Kaseya and other firms. Europol said Romanian police last week arrested two individuals suspected of involvement in cyberattacks that utilized the Sodinokibi/REvil ransomware.
Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients.
Ukrainian police have reportedly arrested two members of a ransomware gang - and while some have fingered REvil, no firm details have been published by cops from multiple countries. A round of speculation was triggered when inter-EU law enforcement body Europol declared this morning that Ukrainian fuzz had arrested "Two prolific ransomware operators known for their extortionate demands," claimed to be up to €70m. One of the two suspects arrested on 28 September, according to the National Police of Ukraine, was a "Hacker".
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. While Ivanov-Tolpintsev allegedly operated online under multiple aliases, the DOJ used subpoenaed emails from Google to identify his real identity and a Jabber address used to communicate with representatives of the Marketplace.
Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. According to a statement and videos released today, the Ukrainian Cyber Police charged six defendants with various computer crimes linked to the CLOP gang, and conducted 21 searches throughout the Kyiv region.
Two Ukrainians charged for their involvement in a network providing cash-out and money laundering services to cybercriminals have been extradited to the United States. According to the indictment, the two were part of a cash-out and money laundering network offering services to cybercriminals who accessed bank accounts using stolen credentials, and then transferred funds to drop accounts maintained by the cash-out actors.
The System of Electronic Interaction of Executive Bodies hacked in this attack is used by most public authorities to share documents, as the country's national security and defense agency explained. The attack belongs to the so-called supply chain attacks.
A joint operation between French and Ukrainian law enforcement has reportedly led to the arrests of several members of the Egregor ransomware operation in Ukraine. The arrested individuals are thought to be Egregor affiliates whose job was to hack into corporate networks and deploy the ransomware.