Ransomware Gang Evil Corp Group Strikes Again with New Ransomware WastedLocker - Blockchain.News

Shine Li Jun 24, 2020 05:53

A ransomware gang called Evil Corp Group is back in action after having been in retirement for an undetermined period of time. The group has struck again by developing ransomware dubbed WastedLocker.

Who is behind Evil Corp?

Evil Corp Group is a Russia-based cybercriminal group led by Maksim Yakubets. The group rose to prominence in 2007 and became infamous for targeting big US firms.

They demand million-dollar payments as ransom, and they are reputed to have stolen at least $100 million from banks and financial institutions in at least 40 countries. According to global cybersecurity expert NCC Group:

“Evil Corp are selective in terms of the infrastructure they target when deploying their ransomware. Typically, they hit file servers, database services, virtual machines and cloud environments.”

The cybercriminal group rose to prominence after they developed the Dridex and Bitpaymer ransomware. From the get-go, Evil Corp Group has changed its virtual identity numerous times in order to stay undetected.

New production: WastedLocker

The newly developed malware WastedLocker aims to encrypt the files of the infected host. Though it does not have anything in common with its predecessor Bitpaymer, WastedLocker has been labeled a threat by cybersecurity officials due to its connection to the notorious Evil Corp Group.

In fact, alleged leader Yakubets and his partner-in-crime Igor Turashev have been charged in a 10-count indictment for monetary fraud, conspiracy, computer hacking, and wire fraud.

Bitcoin demanding ransomware WannaCryFake

WannaCryFake, much like its counterpart WastedLocker, is a Bitcoin (BTC) demanding ransomware. Once a computer system is infected, the malware encrypts the data, holds it hostage, and demands a ransom in Bitcoin in exchange for decrypting the files. Only after the ransom has been paid will the attackers release the stolen data back to the victim.

Solutions to ransomware

Though it may be daunting, cybersecurity firms have put forward solutions to track down hacker gangs and put an end to their cybercriminal activities.

Emsisoft, a cybersecurity firm, aims at tracking down malicious phishing and ransomware attacks. They released a free decryption tool aimed at putting an end to illegal Bitcoin mining activities.

 
