Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security

Russian Hacking Gang Evil Corp Shifts Its Extortion Strategy After Sanctions (bloomberg.com) 20

A notorious Russian cybercrime group has updated its attack methods in response to sanctions that prohibit US companies from paying it a ransom, according to cybersecurity researchers. From a report: The security firm Mandiant said Thursday it believes that the Evil Corp gang is now using a well-known ransomware tool named Lockbit. Evil Corp has shifted to using Lockbit, a form of ransomware used by numerous cybercrime groups, rather than its own brand of malicious software to hide evidence of the gang's involvement so that compromised organizations are more likely to pay an extortion fee, researchers said. The US Treasury Department in 2019 sanctioned the alleged leaders of the Evil Corp gang, creating legal liabilities for American companies that knowingly send ransom funds to the hackers. While cybersecurity firms have associated Evil Corp with two kinds of malware strains, known as Dridex and Hades, the group's use of LockBit could cause hacked organizations to believe that another hacking group, other than Evil Corp, was behind the breach. Evil Corp is believed to be behind some of the worst banking fraud and computer hacking schemes of the past decade, stealing more than $100 million from companies across 40 countries, according to the US government.
This discussion has been archived. No new comments can be posted.

Russian Hacking Gang Evil Corp Shifts Its Extortion Strategy After Sanctions

Comments Filter:
  • by Baconsmoke ( 6186954 ) on Thursday June 02, 2022 @11:25AM (#62587090)
    I mean what is there to say? Other than fuck these guys.
    • by gweihir ( 88907 )

      Well, yes. And those that created them as well, by having and promoting abysmally bad IT security for decades.

    • I mean what is there to say? Other than fuck these guys.

      Fuck windows for making it so ubiquitous?

    • Those "bad" guys appear to be on my side. They should charge more though. As long as paying "bad" guys ransom is more affordable to corporations than paying their IT personnel fair money to secure their systems from such trivial exploits, corporations will continue to whine and pay ransoms instead of paying their IT personnel.
  • Obligatory Kipling (Score:5, Informative)

    by davidwr ( 791652 ) on Thursday June 02, 2022 @11:27AM (#62587104) Homepage Journal

    "We never pay any one Dane-geld,
            No matter how trifling the cost,
        For the end of that game is oppression and shame,
            And the nation that plays it is lost!"

    Dane-Geld [bartleby.com], Rudyard Kipling

  • by DrMrLordX ( 559371 ) on Thursday June 02, 2022 @01:52PM (#62587604)

    If anyone wanted evidence that we should ban ransom payments to malware gangs, this is it. Criminalize ransomware payments, and they stop. Done deal.

    • Because corporations have never kept secrets, told lies or committed criminal actions in order to make more or save money, right?
  • by rsilvergun ( 571051 ) on Thursday June 02, 2022 @02:42PM (#62587750)
    Is that if you make it a crime to pay ransomware and then enforce that law you would do away with the problem overnight. It's painfully obvious that businesses won't pay ransomware when it's a crime.

    If you can't cut the problem off at the head cut off the tail and let it bleed out.
  • by spitzak ( 4019 ) on Thursday June 02, 2022 @07:17PM (#62588512) Homepage

    It sure sounds like the government saying such payments are illegal actually works, at least enough to cause the ransomware people to change their tactics. It certainly sounds like making it illegal in all cases (not just for the russian subset) would be a very good idea!

  • It would seem that many corporations security practices are so poor that ransomware gangs are making hay while the sun shines. It's like shooting fish in a barrel. How much of an impact do you think corporate accountability for their security would have? I mean, they have to appoint an executive data security officer who is responsible & liable if an inspection shows poor data security practices. Just like we have regular fire safety & health & safety inspections, why not data security if it's t

You are always doing something marginal when the boss drops by your desk.

Working...