Tech

Evil Corp’s notorious hackers target NATO allies for Russian intelligence


International law enforcement agencies have been working for years to bust the Evil Corp cybercrime gang and its severe global crime wave. But in a region populated by Russian cybercriminals, Evil Corp is most notable for its unique ties to Russian intelligence.

On Tuesday, the UK National Crime Agency released new details about the real-world identities of alleged Evil Corp members, the group’s links to the LockBit platform and the gang’s relationship with the Russian state. Researchers are increasingly asserting that there is loose, reciprocal connections between Russian cyber criminals and the country’s government. But NCA officials stress that Evil Corp is an unusual example of a gang with direct ties to multiple Russian intelligence agencies—including Russia’s Federal Security Service, or FSB; Foreign Intelligence Service, or SVR; and the military intelligence agency known as the GRU. And NCA reports that before 2019, Evil Corp was specifically “tasked” by Russian intelligence agencies to carry out espionage and cyberattacks against unspecified “NATO allies.”

For more than a decade, Evil Corp used Dridex malware and other hacking tools to compromise thousands of bank accounts around the world and steal money. In 2017, the group expanded into ransomware, using strains such as Hades and PhoenixLocker, and later used LockBit Platform as an affiliate starting in 2022. The group extorted at least $300 million from its victims along with its other loot, and the US State Department is issuing a 5 million USD bonus for information leading to the arrest of the gang’s alleged leader, Maksim Yakubets.

“Evil Corp’s story is a prime example of the growing threat posed by cybercriminals and ransomware operators,” NCA wrote Tuesday in a joint report with the FBI and Australian Federal Police. “In their case, Russian state activities played a particularly important role, sometimes even collaborating with this cybercriminal group to carry out their own malicious cyber activity.”

Unlike many Russian cybercrime groups that have developed distributed leadership structures online, NCA officials say Evil Corp is organized like a more traditional crime syndicate around family and friends by Yakubets. His father, Viktor Yakubets, allegedly has a background in money laundering, and Maksim’s brother Artem, along with cousins ​​Kirill and Dmitry Slobodskoy, are all believed to be linked to the group. Officials also alleged that the group operated out of physical locations, including Chianti Café and Scenario Café in Moscow.

Officials say Maksim Yakubets has always been the main liaison between Evil Corp and Russian intelligence. But other members, including his father-in-law, Eduard Benderskiy, were also said to have contributed to the relationship. Benderskiy is is believed to be a former FSB official who worked in the mysterious ‘Vympel’ unit and according to Bellingcat, may have been involved in a series of assassinations abroad. NCA officials say that following 2019 US sanctions and indictments of Evil Corp members, Benderskiy worked to protect high-ranking members of the gang in Russia.

Despite its longtime dominance, Evil Corp must continue to grow to continue making money. Despite denying a relationship, the group appears to have used the notorious ransomware service platform LockBit to launch attacks since 2022. And the person is believed to be Yakubets’ second-in-command, who NCA officials named on Tuesday Aleksandr Ryzhenkov as apparently overseeing the work. After international law enforcement agencies launched a LockBit’s major disruption in FebruaryAccording to the NCA, the gang has been operating with reduced capacity.

“Born from the merger of elite cybercriminals, Evil Corp’s complex business model has made them one of the most persistent and popular cybercriminal adversaries to date,” NCA wrote. . “After being hampered by sanctions and indictments in December 2019, the group was forced to diversify its tactics as it attempted to continue causing harm while adapting to the changing cybercrime ecosystem .”

News7f

News 7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button