LockBit Associates Arrested, Evil Corp Bigwig Outed

  /     /     /  
Publicated : 23/11/2024   Category : security


LockBit Associates Arrested, Evil Corp Bigwig Outed


A global operation cuffed four LockBit suspects and offered more details into the org chart of Russias infamous Evil Corp cybercrime gang.



In another phase of
Operation Cronos
, Europol and Eurojust have taken more action against the
LockBit ransomware gang
by making four arrests and seizing devices used as part of the ransomwares infrastructure. In addition, Aleksandr Ryzhenkov (aka Beverley), who was once second-in-command for the infamous Evil Corp cybercrime organization, was sanctioned and named as an affiliate for LockBit, indicating ties between the two groups.
The arrests were of a suspected developer for the group in France; two LockBit affiliates apprehended by the British authorities; and a bulletproof hosting service administrator cuffed by Spanish police, which also confiscated nine servers. 
Meanwhile, the US, the UK, and Australia
imposed sanctions
against Ryzhenkov, who the UKs National Crime Agency identified as a top lieutenant to Evil Corp leader Maxim Yakubets. The US unsealed an indictment against him, and sanctioned 16 other individuals linked to the infamous gang.
Russia-based Evil Corp, the outfit behind the Zeus and Dridex banking Trojans, largely disappeared from the cybercrime scene following US sanctions in 2019, which included the outing of Yakubets, his relationship with an FSB agent who is his father-in-law, and the
exposure of Evil Corps inner workings
.
According to the NCA, Ryzhenkov was key to the development of Evil Corps post-sanctions
WastedLocker ransomware
, which was a ransomware-as-a-service (RaaS) offering circulating in 2020. But in 2022, he turned up as a LockBit affiliate. Meanwhile, LockBit has denied having any working relationship with Evil Corp.
The exposure of Evil Corps ties to LockBit is a major blow to the ransomware affiliate market, said Ferhat Dikbiyik, head of research at Black Kite, in an emailed statement to Dark Reading. February 2024 saw
Operation Cronos take down LockBits main infrastructure
. Since then, LockBit has been using back-up Dark Web blogs to maintain its presence. Today, law enforcement agencies have taken further action — exposing critical ties between LockBit and Evil Corp, a group long associated with large-scale ransomware and financial crime operations.
LockBit ransomware has been deployed across a variety of sectors, including financial service, food and agriculture, education, energy, government and emergency services, and healthcare, among others. Because there are so many independent affiliates involved, there are a wide array of different attack tactics used by the threat actors. However, the Japanese Police, National Crime Agency, and FBI are focusing their expertise on developing decryption tools to recover files encrypted and lost to LockBit ransomware, according to Europol.

Last News

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security

▸ Veritabile Defecte de Proiectare a Securitatii in Software -> Top 10 Software Security Design Flaws ◂
Discovered: 23/12/2024
Category: security

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
LockBit Associates Arrested, Evil Corp Bigwig Outed