The Biggest Ransomware Bust Yet Can Make an Impact

In early July, heading into the holiday weekend, a ransomware attack against IT management firm Kaseya crippled hundreds of businesses, their data encrypted by the notorious REvil ransomware group. Today, U.S. authorities announced a development as unprecedented as the incident itself: The alleged culprit, a Ukrainian national, was arrested in October and is currently awaiting extradition from Poland.

Ransomware gangs have operated with relative impunity over the past few years, in part because so many of them are based in Russia and the Kremlin has consistently turned a blind eye. The Justice Department’s announcement on Monday, however, shows that the hybrid approach law enforcement has landed on could work. The arrest and pending extradition of 22-year-old Yaroslav Vasinskyi shows that authorities are able to arrest key players when they slip up. And another major announcement, the seizure of $6.1 million in alleged ransomware payments received by Russian national Yevgeniy Polyanin, showed that authorities could disrupt their targets even if they could not take them into custody.

“Vasinskyi’s arrest demonstrates how quickly we can work with our international partners to identify, locate, and apprehend alleged cybercriminals wherever they are located,” Attorney General Merrick Garland said in a press conference on Monday. “Ransomware attacks are driven by criminal profits, so we’re not just prosecuting the individuals responsible for the attacks. We’re also committed to seizing their banned profits and returning them whenever possible to the victims where they were abducted.”

The indictments against Vasinskyi and Polyanin are light on detail. Vasinskyi was allegedly involved with REvil most recently in December 2019, when he responded to an advertisement on a Russian hacker forum seeking ransomware affiliates. People who write ransomware code often strike what are essentially franchise deals for their hacking tools in exchange for a cut of the revenue: the McDonald’s model for cybercrime. Vasinskyi is accused of carrying out the Kaseya attack, which in turn spread to many of the company’s customers through software updates. In the end, the attack affected 1,500 businesses.

Polyanin, 28, is also accused of deploying REvil ransomware against multiple victims. The indictment says he was responsible, at least in part, for a ransomware spree targeting multiple local government agencies in Texas in August 2019. Polyanin, who lives in Russia, is still at large but is believed to have links to 3,000 ransomware attacks that collectively attempted to extort at least $13 million from victims.

“This is good news for everyone,” said Allan Liska, an analyst for security firm Recorded Future. “It reminds ransomware actors that they are not safe, even in Russia. ‘If we don’t catch you, we’ll take your money.’ Even ransomware actors have to use services outside of Russia sometimes, and that’s where law enforcement has the power.”

Combined with recently announced penalties from the Treasury Department and a reward from the State Department for information on the notorious DarkSide ransomware actors, the Justice Department’s action on Monday reflected the “government-wide” ransomware mantra of the Biden administration.
