Russian Hacking Gang Evil Corp Shifts Its Extortion Strategy After Sanctions (bloomberg.com) 20
A notorious Russian cybercrime group has updated its attack methods in response to sanctions that prohibit US companies from paying it a ransom, according to cybersecurity researchers. From a report: The security firm Mandiant said Thursday it believes that the Evil Corp gang is now using a well-known ransomware tool named Lockbit. Evil Corp has shifted to using Lockbit, a form of ransomware used by numerous cybercrime groups, rather than its own brand of malicious software to hide evidence of the gang's involvement so that compromised organizations are more likely to pay an extortion fee, researchers said. The US Treasury Department in 2019 sanctioned the alleged leaders of the Evil Corp gang, creating legal liabilities for American companies that knowingly send ransom funds to the hackers. While cybersecurity firms have associated Evil Corp with two kinds of malware strains, known as Dridex and Hades, the group's use of LockBit could cause hacked organizations to believe that another hacking group, other than Evil Corp, was behind the breach. Evil Corp is believed to be behind some of the worst banking fraud and computer hacking schemes of the past decade, stealing more than $100 million from companies across 40 countries, according to the US government.
Not much to say about this (Score:4, Insightful)
Re: (Score:2)
Well, yes. And those that created them as well, by having and promoting abysmally bad IT security for decades.
Re: (Score:2)
I mean what is there to say? Other than fuck these guys.
Fuck windows for making it so ubiquitous?
Re: Not much to say about this (Score:1)
Obligatory Kipling (Score:5, Informative)
"We never pay any one Dane-geld,
No matter how trifling the cost,
For the end of that game is oppression and shame,
And the nation that plays it is lost!"
Dane-Geld [bartleby.com], Rudyard Kipling
Re: (Score:2)
I've heard they ask for a one million dollar ransom, and everybody is laughing at them!
Re: (Score:1)
It's an overt reference to the fictional commercial entity Evil Corp in the TV series "Mr. Robot" which was actually a clear parody of Bank of America.
Re: (Score:1)
Correcting myself: in the show the real company's name is just "E-Corp" but is colloquially called "Evil Corp" by the characters.
Re: (Score:2)
Prohibitions on ransom payments work (Score:3)
If anyone wanted evidence that we should ban ransom payments to malware gangs, this is it. Criminalize ransomware payments, and they stop. Done deal.
Re: (Score:2)
So the real takeaway here (Score:3)
If you can't cut the problem off at the head cut off the tail and let it bleed out.
So making the payments illegal works? (Score:3)
It sure sounds like the government saying such payments are illegal actually works, at least enough to cause the ransomware people to change their tactics. It certainly sounds like making it illegal in all cases (not just for the russian subset) would be a very good idea!
Shooting fish in a barrel (Score:2)