Two Russian nationals, Maksim Yakubets and Igor Turashev, were indicted in Pittsburgh on December 5th for involvement in international multimillion-dollar malware attacks. Estimates of the amount netted from their attacks range up to $100 million, while the attacks themselves would have cost victims millions more in business downtime and recovery. Several of the victims the pair are accused of attacking are located in Pennsylvania, including a bank and a school district. A $5 million bounty has been offered for help in detaining the pair, although it seems unlikely that they would ever face trial, as they are currently assumed to be residing in Russia.
Yakubets has ties to the Russian Federal Security Service and is thought to be one of the leaders of a hacking group dubbed “Evil Corp.” Evil Corp is known to deploy a piece of malware called Dridex, which commonly infects victims via a phishing email and can steal their banking credentials. The stolen information is then leveraged to initiate wire transfers to foreign bank accounts. Later iterations of the Dridex malware added the capability to load and deploy ransomware, such as BitPaymer, on victim networks.
Source: https://www.spambrella.com/what-is-dridex-malware/
Schneider Downs has assisted in the containment and recovery efforts of organizations that have fallen victim to various forms of malware, including the Dridex variant used to deploy ransomware. The vast majority of infections we see gain initial access through a phishing email and escalate from there due to a lack of defensive controls within the network. Many of these infections can be easily prevented through careful planning and execution of a defensive cyber strategy. For any questions or assistance with preventative or responsive measures, you can contact the Cybersecurity Team at [email protected].