
Evil Corp cybercriminals unmasked and sanctioned.

03/10/2024

Further Evil Corp cybercriminals were exposed following the NCA investigation, one of whom was unmasked as a LockBit affiliate, as the UK, US, and Australia unveiled sanctions.

Who are they?

  • Evil Corp (or Indrik Spider) originated in Russia and is the most pervasive cybercrime group to have operated. Maksim Yakubets, who also goes by the online alias ‘Aqua’ and has a $5 million bounty for his arrest, was Evil Corp’s founder and led the group for most of its lifespan.
  • One of the first significant financial cybercrime groups, Evil Corp developed a series of malware and ransomware strains which have caused considerable harm to numerous organisations and sectors, including healthcare, critical national infrastructure and government.
  • Several law enforcement and government operations have taken place to disrupt the group since its formation, most notably in the form of sanctions and indictments in December 2019. As a result, the group has been forced to scrap its modus operandi and attempt new tactics to evade the additional scrutiny and restrictions put on it.
  • Evil Corp, characterised by its longevity, adaptability, organisational hierarchy, and close links with the Russian state, has proved a persistent threat for over a decade. Members continue to operate within the Russian Federation. However, since late 2019, their success and influence in the cybercrime ecosystem have dwindled.

SANCTIONS

  • 16 members of Evil Corp, once believed to be the most significant cybercrime threat in the world, have been sanctioned in the UK.
  • Their links to the Russian state and other ransomware groups, including LockBit, have been exposed. Australia and the US have also imposed sanctions.
  • An extensive investigation by the NCA has helped map out the history and reach of Evil Corp’s criminality, from a family-centred financial crime group in Moscow that branched out into cybercrime, going on to extort at least $300 million from victims globally.
  • Today, the head of Evil Corp, Maksim Yakubets, and eight of those sanctioned by the US in 2019 have also been sanctioned in the UK by the Foreign, Commonwealth and Development Office, along with an additional seven individuals whose links and support for the group have not previously been exposed.
  • This includes Aleksandr Ryzhenkov, Yakubets’ right-hand man, who has also been identified as a LockBit affiliate as part of Operation Cronos - the ongoing NCA-led international disruption of the group.

Read the full story ➡️ https://www.nationalcrimeagency.gov.uk/news/further-evil-corp-cyber-criminals-exposed-one-unmasked-as-lockbit-affiliate.

 

 
