The U.K., the U.S. and Australia have sanctioned 16 members of the Russian cybercrime gang Evil Corp in the latest crackdown against hacking and ransomware gangs among the AUKUS countries.
Leading the list of those sanctioned was Maksim Yakubets, who is alleged to be the leader of Evil Corp’s operations and who also has a $5 million bounty on his head by the U.S. Department of Justice. Yabkuets is also alleged to be the key figure facilitating ties between the hacking group and Russian entities, including the Russian Federal Security Service and the GRU, the Russian Military Intelligence.
Evil Corp stands accused of undertaking malware ransomware attacks in all three countries, including the U.K., against health, government and public sector institutions, as well as private technology companies. The group is claimed to have earned hundreds of millions in its illicit endeavors.
Among those sanctioned was also Aleksandr Ryzhenkov, described by the U.K. National Crime Authority as “Yakubets’ right-hand man” who is alleged to have developed some of the Evil Corp’s most prolific ransomware strains. Highlighting the links between various ransomware gangs, Ryzhenkov has also been identified as a LockBit affiliate as part of Operation Cronos, an international task force that was put together specifically to target LockBit that was previously in the news in May.
“Today’s sanctions send a clear message to the Kremlin that we will not tolerate Russian cyber-attacks — whether from the state itself or from its cyber-criminal ecosystem,” U.K. Foreign Secretary David Lammy said in a statement. “Putin has built a corrupt mafia state with himself at its center. We must combat this at every turn, and today’s action is just the beginning.”
Along with sanctions against Evil Corp actors, the DOJ also today unsealed an indictment charging Ryzhenkov with using the BitPaymer ransomware variant to attack numerous victims in Texas and throughout the U.S., subsequently holding their sensitive data for ransom.
The indictment alleges that Ryzhenkov and others used phishing campaigns, malware and took advantage of vulnerabilities in computer hardware and software to intrude into computer systems before demanding ransom payments of millions of dollars.
“The FBI, together with partners, continues to leverage all resources to impose cost on criminals engaging in ransomware attacks,” FBI Deputy Director Paul Abbate said in a media release. “Today’s indictment delivers a clear message to those who engage in cyber-criminal activity – you will face severe consequences for your illicit activities and will be held accountable under the law.”
While the words from Abbate, like those from U.K. Foreign Secretary Lammy, may sound positive, in reality, unless the hackers are stupid enough to travel to a Western country, they won’t face any consequences. Authorities want to be seen to be doing something — in this case, sanctions — but Russia is not going to hand over the hackers and nothing will change that.