UK sanctions members of Russian cybercrime gang

/in


  • Sanctions hit eleven from Russian cyber gang that targeted hospitals and other critical infrastructure
  • Sanctions will disrupt ransomware attacks and expose attackers behind them
  • New measures delivered in coordinated effort with the United States

Members of a Russian cyber criminal gang behind the Trickbot/Conti ransomware attacks, which included the hacking of critical infrastructure and hospitals during the COVID-19 pandemic, face new sanctions today (7 September).

Eleven cyber criminals, whose gang also threatened those who oppose the illegal Russian invasion of Ukraine, have been targeted with asset freezes and travel bans in a coordinated effort by UK and US authorities to counter the threat of ransomware both in the UK and abroad. The US Department of Justice (DOJ) is concurrently unsealing indictments against seven of the individuals designated today.

The National Crime Agency (NCA), who conducted a complex investigation into these individuals, assesses that the group was responsible for extorting at least $180m from victims globally, and at least £27m from 149 UK victims. The attackers sought to target UK hospitals, schools, local authorities and businesses.

The individuals being designated in the UK are:

  • Andrey Zhuykov was a central actor in the group and a senior administrator. Known by the online monikers “Defender”, “Dif” and “Adam”.
  • Maksim Galochkin led a group of testers, with responsibilities for development, supervision and implementation of tests. Known by the online monikers “Bentley”, “Volhvb” and “Max17”
  • Maksim Rudenskiy was a key member of the Trickbot group and was the team lead for coders. Known by the online monikers “Buza”, “Silver” and “Binman”.
  • Mikhail Tsarev was a mid-level manager who assisted with the group’s finances and overseeing of HR functions. Known by the online monikers “Mango”, “Fr*ances” and “Khano”.
  • Dmitry Putilin was associated with the purchase of Trickbot infrastructure. Known by the online monikers “Grad” and “Staff”.
  • Maksim Khaliullin was an HR manager for the group. He was associated with the purchase of Trickbot infrastructure…

Source…