Tag Archive for: CyberGang

Member of Russian cybergang Trickbot pleads guilty in $180 million global ransomware spree that hit Avon schools, others


CLEVELAND, Ohio — A Russian man on Thursday admitted to his role in the cybergang Trickbot that attacked millions of computers around the world with ransomware, including those in hospitals during the coronavirus pandemic.

Vladimir Dunaev, 40, pleaded guilty in federal court in Cleveland to conspiracy to commit computer fraud and conspiracy to commit bank and wire fraud.

He faces between five and six-and-a-half years in prison when U.S. District Judge Solomon Oliver sentences him. Oliver set a sentencing date for March 20, but said he could move that date up.

Dunaev is the second person to plead guilty in the United States to working for the Russia-based gang, which authorities say stole at least $33 million from Americans and $180 million worldwide.

He worked as a malware developer for the gang, and he was not a high-level planner, authorities said. He helped devise ways for the malware to avoid detection by cybersecurity software programs and developed tools to mine data on hacked computers, among other roles, Assistant U.S. Attorney Dan Riedl said.

Dunaev was arrested in 2021 in South Korea.

The case was prosecuted in Cleveland because some of Trickbot’s victims were in Northeast Ohio, including Avon schools, which lost about $471,000, and a North Canton business that lost about $750,000.

A co-defendant, Alla Witte, was the first Trickbot member to plead guilty in the case and was sentenced in June to two years and three months in prison.

Convictions in Trickbot and other malware cases are rare because many of the gangs' members live in Russia or other countries that do not have extradition agreements with the United States.

In September, prosecutors in Cleveland and elsewhere charged 14 more members of the gang and its offshoot, Conti. Another gang member was charged in February. None of the 15 has been arrested.

The U.S. Treasury Department and United Kingdom have also issued sanctions, including travel bans and asset freezes, against 18 gang members.

Officials in both countries have said Trickbot has direct ties to Russian intelligence.

The group grew to have as many as 400 members and infected millions of computers across the globe, including in Italy, Australia, Belgium and Canada.

The malware…


Canadian admits to hacking spree with Russian cyber-gang



The leaders, who are still at large, communicate in Russian online and ensure that their malware does not infect Russian computer systems, or those of former Soviet countries whic …


Secret Chats Show How Cybergang Became a Ransomware Powerhouse


MOSCOW — Just weeks before the ransomware gang known as DarkSide attacked the owner of a major American pipeline, disrupting gasoline and jet fuel deliveries up and down the East Coast of the United States, the group was turning the screws on a small, family-owned publisher based in the American Midwest.

Working with a hacker who went by the name of Woris, DarkSide launched a series of attacks meant to shut down the websites of the publisher, which works mainly with clients in primary school education, if it refused to meet a $1.75 million ransom demand. It even threatened to contact the company’s clients to falsely warn them that it had obtained information the gang said could be used by pedophiles to make fake identification cards that would allow them to enter schools.

Woris thought this last ploy was a particularly nice touch.

“I laughed to the depth of my soul about the leaked IDs possibly being used by pedophiles to enter the school,” he said in Russian in a secret chat with DarkSide obtained by The New York Times. “I didn’t think it would scare them that much.”

DarkSide’s attack on the pipeline owner, Georgia-based Colonial Pipeline, did not just thrust the gang onto the international stage. It also cast a spotlight on a rapidly expanding criminal industry based primarily in Russia that has morphed from a specialty demanding highly sophisticated hacking skills into a conveyor-belt-like process. Now, even small-time criminal syndicates and hackers with mediocre computer capabilities can pose a potential national security threat.

Where once criminals had to play psychological games to trick people into handing over bank passwords and have the technical know-how to siphon money out of secure personal accounts, now virtually anyone can obtain ransomware off the shelf and load it into a compromised computer system using tricks picked up from YouTube tutorials or with the help of groups like DarkSide.

“Any doofus can be a cybercriminal now,” said Sergei A. Pavlovich, a former hacker who served 10 years in prison in his native Belarus for cybercrimes. “The intellectual barrier to entry has gotten extremely low.”

A glimpse into DarkSide’s secret communications…


Cyber-Gang Warfare – by Richard B. Andres – Foreign Policy (blog)


While it may seem implausible that this simple technique would work, over the last decade states have regularly used it to shield a variety of aggressive acts from legal or diplomatic reprisal, and it is becoming clear that this approach to
Washington, Beijing in cyberwar standoff – Yahoo!7 News
Confronting Cyber Barbary Pirates – Wall Street Journal
China Is America's #1 Cyber Threat: US Govt. Report – Yahoo! Finance (blog)
