Thu. Jan 20th, 2022


“I am concerned about Russia’s secret intentions [for conducting the REvil arrests] That’s perfectly reasonable, “said John Haltquist, vice president of security intelligence at Mandient. “It’s basically a feather in their hat and you can definitely take a cursory look at it and think it’s all a signal. But I think in the end it’s still good news. Actors need to know that if you harass thousands of people and steal millions of dollars, you can’t just go to sunset. “

This is not the first time that an alleged member of REvil has faced action from law enforcement. In November, 22-year-old Ukrainian citizen Yaroslav Vasinsky was arrested in Poland and Kaseya is accused of conducting the attack. Vasinsky has been accused of abusing a Kaseya product to establish the REvil code, which then spreads the group’s ransomware through the Kaseya network, according to a The judiciary accused. Yevgeny Polyanin, a 28-year-old Russian citizen, was also charged with deploying REvil’s ransomware রয়েছে he is accused of carrying out 3,000 ransomware attacks — and his $ 6.1 million assets have been confiscated.

Law enforcement agencies around the world, including Ukraine, are increasingly working together to crack down on ransomware actors. Since February 2021, Europol has made arrests Five hackers associated with Reveal And says 17 countries are working on its investigation. These include the United States, the United Kingdom, France, Germany, and Australia.

Without Russia’s cooperation, however, officials had some strict limits on how they could effectively target any gang. After hitting a peak — or Nadir সাথে with a series of catastrophic and destructive attacks in the summer of 2021, REvil went mostly dark after international law enforcement compromised. Infrastructure. Like other Russia-based groups, though The infamous Darkside Gang And its successor, BlackMater, has continued to be their target, at least for now.

“The big question, I think, is whether this represents a real change in Russia’s intentions to deal with this problem, or whether it is simply a sacrifice for the sake of some international pressure.” Brett Callo is a threat analyst at antivirus company MCSoft. “I doubt the latter.”

Kello and others insisted, however, that it would take time to learn more about the Russian government’s approach, given the arrests of many Revel operators should have some deterrent effect. And in an interconnected industry like the ransomware market, every hurdle is significant.

Jack Williams, a former NSA hacker and respondent to the incident, said, “I agree that there must be an inspiration other than ‘the US has asked us nicely’, but regardless of that, it will further disrupt the ransomware economy, at least in the short term.”

In the long run, several ransomware groups operating outside of Russia remain highly active. The REvil takedown is a sign of progress, but what really matters is the Kremlin’s appetite for following those other gangs.


More great cable story



Source link

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *