Tag Archive for: role

Ukrainian national pleads guilty over role in two malware campaigns

/in


Ukrainian national pleads guilty over role in two malware campaigns

Hacker behind Zeus and IcedID malware operations that wracked up tens of millions of dollars over 12 12-year period.

A Ukrainian hacker has pleaded guilty to a pair of charges related to malware campaigns between 2009 and 2021.

37-year-old Vyacheslav Igorevich Penchukov, from the Donetsk region, pleaded guilty to a count of conspiracy to commit a racketeer-influenced and corrupt organisations act offence (also known as the RICO Act), and a count of conspiracy to commit wire fraud.

Penchukov is scheduled to be sentenced on May 9, and each charge carries a maximum jail time of 20 years. He was arrested in 2022 in Switzerland and extradited to the US in 2023.

“Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. These criminal groups stole millions of dollars from their victims and even attacked a major hospital with ransomware, leaving it unable to provide critical care to patients for over two weeks,” said Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division in a statement.

“Before his arrest and extradition to the United States, the defendant was a fugitive on the FBI’s most wanted list for nearly a decade. Today’s guilty pleas should serve as a clear warning: the Justice Department will never stop in its pursuit of cyber-criminals.”

Penchukov assisted in running the Zeus malware operation from May 2009. The operators used the malware to steal bank information from infected devices, which Penchukov and his cronies then used as part of a banking scam, transferring millions of dollars from victim accounts.

The hacker was initially charged with the RICO offence over this operation and was also added to the FBI’s Cyber Most Wanted List at this time.

Penchukov was also one of the top people behind the IcedID malware operation, also known as Bokbot. IcedID was capable of simple data theft, such as banking credentials, but could also deploy other payloads, such as ransomware. In one such instance, the University of Vermont…

Source…

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

/in


Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Pierluigi Paganini
February 17, 2024

A Ukrainian national pleaded guilty to his role in the Zeus and IcedID operations, which caused tens of millions of dollars in losses.

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations.

“Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. These criminal groups stole millions of dollars from their victims and even attacked a major hospital with ransomware, leaving it unable to provide critical care to patients for over two weeks,” said Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division. “Before his arrest and extradition to the United States, the defendant was a fugitive on the FBI’s most wanted list for nearly a decade. Today’s guilty pleas should serve as a clear warning: the Justice Department will never stop in its pursuit of cybercriminals.”

On October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group.

The man was extradited to the United States in 2023, he was included in the FBI’s “Most Wanted” list and has been sought for 10 years.

Zeus Penchukov FBI wanted

In 2012, the Ukrainian national Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew. JabberZeus was a small cybercriminal ring that was targeting SMBs with a custom-made version of the Zeus banking trojan. At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised.

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Warner explained that Tank was identified by searching Ukrainian…

Source…

Illinois CISO Adam Ford steps down for role at cyber firm Zscaler

/in


After five years as chief information security officer for the Illinois Department of Innovation and Technology, Adam Ford has moved into a new role at Zscaler, a cloud security company in San Jose, California.

Ford worked for the state of Illinois since 2000, starting his government tenure as a network architect and engineer. In 2023, he was the recipient of the National Association of State Chief Information Officers’ Thomas M. Jarrett State Cybersecurity Leadership Award for strengthening the state’s cybersecurity infrastructure, multi-factor authentication initiatives for network and system access and the improvements he made to information sharing, joint training exercises and coordinated responses to cyber incidents across state government agencies.

Prior to his departure, Ford posted on social media thanking the state’s administration for “strong sponsorship of cybersecurity initiatives” and the technology department’s leadership.

“In my more than 20 years with the state of Illinois, I’ve never failed to be impressed by the people who work here,” Ford wrote on LinkedIn earlier this week. “Public service isn’t all glamour, folks! Thank you to all my co-workers at DoIT and other agencies for putting in long hours, for wading into seemingly impossible problems and solving them, and for your friendship while doing so.”

The CISO position at the Illinois DoIT is open to applications until Jan. 19.

Sophia Fox-Sowell

Written by Sophia Fox-Sowell

Sophia Fox-Sowell reports on artificial intelligence, cybersecurity and government regulation for StateScoop. She was previously a multimedia producer for CNET, where her coverage focused on private sector innovation in food production, climate change and space through podcasts and video content. She earned her bachelor’s in anthropology at Wagner College and master’s in media innovation from Northeastern University.

Source…

AI’s pivotal role in cybersecurity valued at $60.6bn by 2028

/in


Artificial Intelligence is expected to play a pivotal role in the field of cybersecurity, influencing behavioural analytics, threat detection, and automating processes. Valued at USD 22.4 billion in 2023, reports suggest that the global market for AI in cybersecurity is projected to grow to USD 60.6 billion by 2028, at a Compound Annual Growth Rate (CAGR) of 21.9%.

The rise of AI technologies such as natural language processing (NLP) and machine learning (ML) are deemed vital for enhancing cybersecurity as tech firms, defence, and government agencies face an increase in cyberattacks. Priority is reportedly given to machine learning algorithms for enhancing security intelligence. AI is significant in banking sector as well, due to rising privacy concerns, emphasising on AI-based cybersecurity. The demand for advanced AI solutions is expected to grow parallel to the evolving cyber threats, particularly from small and medium-sized enterprises (SMEs).

Software is anticipated to hold a major share in the AI in cybersecurity market during the forecast period. AI in cybersecurity software sector is driven by the increase in security breaches on business applications aiming to acquire sensitive data. The strict data privacy policies and regulations have led to a rise in demand for AI-based cybersecurity solutions. The widespread use of connected devices, Bring-Your-Own-Device (BYOD) trends in organisations, and increasing internet usage are all factors contributing to the need for potential risk mitigation.

Managed services in cybersecurity are expected to exhibit the highest CAGR during the forecast period. These services, backed with AI algorithms, boost real-time threat detection and automate incident responses, thereby optimising resource allocation. The scenario presents cybersecurity teams with opportunity to focus on strategic undertakings. Risks can be managed efficiently with AI-powered systems operating on vast datasets, offering overall protection against evolving cyber threats. Predictive analytics empower organisations to anticipate and respond effectively to cyber threats.

The Asian Pacific region is projected to exhibit the highest CAGR. Rise in population and…

Source…