Russian Evil Corp hacker group hit with sanctions

Russian hacker group Evil Corp was hit with sanctions by the United States, United Kingdom and Australian authorities.

Last week, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the UK’s Foreign, Commonwealth & Development Office (FCDO), and Australia’s Department of Foreign Affairs and Trade (DFAT) all imposed sanctions on Evil Corp. At the same time, the United States Department of Justice also unsealed an indictment that charges an organization member with using BitPaymer ransomware against U.S. citizens.

A tight-knit group

Evil Corp is the organization behind the Dridex malware, which harvested login credentials and led to over $100 million in funds being stolen from hundreds of banks across over 40 countries. The cybercrime cabal in question is well connected to the Russian hacking underworld and local state entities.

An October 3 Chainalysis report highlighted the connections between Evil Corp and the operators of the LockBit ransomware. On-chain data shows that the LockBit ransomware family has close associations with Evil Corp wallet addresses — with both having used the same centralized exchange deposit addresses.

This can signify that they are either the same group or two closely collaborating organizations sharing a money-laundering infrastructure. Some reports suggest that Evil Corp has used LockBit to rebrand away from the sanctions imposed on it.

Chainalysis further reports that several Evil Corp members are related. The group’s leader Maksim Victorovich Yakubets also reportedly worked with Russia’s Federal Security Service (FSB) and is working to obtain clearance to handle classified information. The leader’s father Viktor Yakubets also participates in the operation, as does his father-in-law, Eduard Benderskiy, who is also a former FSB officer.

The report follows the UK’s National Cyber Security Centre (NCSC) warning in late January that artificial intelligence (AI) will increase the threat of ransomware globally over the next two years.

Radek Zielinski
Tech Journalist

Radek Zielinski is an experienced technology and financial journalist with a passion for cybersecurity and futurology.
