Security Service of Ukraine exposes hackers targeting international financial institutions assisting Ukraine
In collaboration with law enforcement agencies of partner countries, cybersecurity experts from the Security Service of Ukraine (SSU) have busted members of the LockBit international hacker group. It was responsible for disrupting the operations of financial institutions in Western countries, employing ransomware tactics to demand money to restore functionality of these institutions.
Source: Ukraine's Security Service
Quote: "Over almost 5 years, the criminals carried out over 3,000 cyberattacks against financial institutions and corporations in Western countries that provide defence assistance to Ukraine. It has been documented that hackers demanded over US$90 million from just one American company. To steal corporate information, the hackers utilised ransomware programs developed for this particular purpose."
Details: Reportedly, Ukraine and Russia's citizens were among the group's organisers and participants.
Investigation materials indicate that group members remotely deployed malicious software on users' computers. The virus collected information and then disabled the operation of the devices, "offering" to restore them after users paid for the service.
In case of refusal, the criminals threatened to disable the entire technological process of the affected companies and disclose their confidential information online.
During the investigative actions, law enforcement seized over 30 servers in the United States and seven EU countries, from which the criminals conducted cyberattacks and where they stored the stolen data. Additionally, over 200 cryptocurrency accounts of the criminal group were blocked.
Background:
- On 20 February, the US Department of the Treasury announced sanctions against two Russians involved in developing the LockBit ransomware program, which was used to attack Western institutions and companies.
Support UP or become our patron!