1.9 C
Thursday, December 2, 2021

The biggest ransomware goes bankrupt but may actually have an impact

At the beginning of July, Entering the end of the holiday week, a ransomware attack on IT management company Kaseya made hundreds of companies unable to operate, and their data was encrypted by the notorious REvil ransomware organization. Now, the US authorities have announced a development as unprecedented as the incident itself: the alleged perpetrator was a Ukrainian national who was arrested in October and is currently awaiting extradition from Poland.

In the past few years, the activities of ransomware gangs have been relatively impunity, partly because many of them are in Russia, and the Kremlin has steadfastly ignored them. However, the Ministry of Justice’s announcement on Monday indicated that the hybrid approach adopted by law enforcement agencies is feasible. The arrest and pending extradition of 22-year-old Yaroslav Vasinskyi shows that officials are capable of arresting key players when they make mistakes. Another major announcement, the seizure of a Russian national Yevgeniy Polyanin (Yevgeniy Polyanin) received US$6.1 million in suspected ransomware payments, which shows that the authorities can undermine their targets even if they cannot detain them. .

Attorney General Merrick Garland said at a press conference on Monday: “The arrest of Vasinski demonstrates that we will act quickly with our international partners to identify, locate and arrest alleged cyber crimes. Criminals, no matter where they are.” “Ransomware attacks are fueled by criminal profits, which is why we don’t just track down the individuals responsible for these attacks. We are also committed to capturing their illicit profits, and as much as possible. Return it to the blackmailed victim.”

The prosecution of Vasinskyi and Polyanin did not elaborate. It is said that the last time Vasinskyi participated in REvil was in December 2019, when he responded to an advertisement on Russian hacker forums looking for affiliates of ransomware. People who write ransomware code usually cut the franchise deals of their hacking tools in exchange for cuts in revenue-McDonald’s cybercrime model. Vasinskyi was accused of attacking Kaseya, which in turn spread to many of the company’s customers through software updates. In the end, the attack affected as many as 1,500 companies.

Polyanin, 28, was also accused of deploying REvil ransomware to multiple victims. The indictment stated that he was at least to a certain extent responsible for the ransomware frenzy that targeted a large number of local government agencies in Texas in August 2019. Polyanin, who lives in Russia, is still at large, but is believed to be a group of 3,000 ransomware attacks trying to extort at least $13 million from the victims.

Allan Liska, an analyst at the security company Recorded Future, said: “This is all good news.” “It reminds ransomware attackers that they are not safe, even in Russia. “If we can’t Arrest you and we will take your money. “Even participants of ransomware sometimes have to use services outside of Russia, and this is where the power of law enforcement lies.”

Combine Recently announced sanctions From the Ministry of Finance and State Council awards Regarding information about the infamous DarkSide ransomware actors, the Department of Justice’s actions on Monday reflected the “whole government” ransomware mantra of the Biden administration.

- Advertisement -spot_img
Latest news
- Advertisement -
Related news
- Advertisement -


Please enter your comment!
Please enter your name here