The biggest ransomware bust may actually have an impact


At the beginning of July, heading into the end of a holiday week, a ransomware attack against IT management company Kaseya incapacitated hundreds of companies, their data encrypted by the notorious REvil ransomware group. Now, US authorities have announced a development as unprecedented as the incident itself: the alleged perpetrator, a Ukrainian national, was arrested in October and is currently awaiting extradition from Poland.

Ransomware gangs have operated with relative impunity over the past few years, in part because many of them are based in Russia, where the Kremlin has steadfastly turned a blind eye. However, the Department of Justice's announcement on Monday indicates that the hybrid approach adopted by law enforcement agencies can work. The arrest and pending extradition of 22-year-old Yaroslav Vasinskyi shows that officials are capable of arresting key players when they make mistakes. The other major announcement, the seizure of US$6.1 million in suspected ransomware payments received by Russian national Yevgeniy Polyanin, shows that the authorities can undermine attackers' goals even if they cannot detain them.

Attorney General Merrick Garland said at a press conference on Monday: “The arrest of Vasinskyi shows that we will act quickly with our international partners to identify, locate and arrest alleged cybercriminals, no matter where they are. Ransomware attacks are fueled by criminal profits, which is why we are not just tracking down the individuals responsible for these attacks. We are also committed to capturing their illicit profits and, as much as possible, returning them to the blackmailed victims.”

The indictments against Vasinskyi and Polyanin do not go into great detail. Vasinskyi's involvement with REvil is said to date to December 2019, when he responded to an advertisement on Russian hacker forums looking for ransomware affiliates. The people who write ransomware code often strike what amounts to a franchise deal with hackers, taking part of the proceeds in exchange for their hacking tools: a McDonald's model of cybercrime. Vasinskyi is accused of the attack on Kaseya, which in turn spread to many of the company's customers through software updates. In the end, the attack affected as many as 1,500 companies.

Polyanin, 28, is also accused of deploying REvil ransomware against multiple victims. The indictment states that he was at least partly responsible for the ransomware spree that targeted a large number of Texas local government agencies in August 2019. Polyanin, who lives in Russia, is still at large, but is believed to be linked to 3,000 ransomware attacks that collectively attempted to extort at least $13 million from victims.

Allan Liska, an analyst at the security company Recorded Future, said: “This is good news. It reminds ransomware attackers that they are not safe, even in Russia. ‘If we can’t arrest you, we will take your money.’ Even participants in ransomware sometimes have to use services outside of Russia, and this is where the power of law enforcement lies.”

Combined with recently announced sanctions from the Treasury Department and State Department rewards for information about the infamous DarkSide ransomware actors, the Department of Justice’s actions on Monday reflect the “whole-of-government” ransomware mantra of the Biden administration.


