The Evil Corp cybercrime syndicate has recently faced renewed sanctions imposed by the United States, United Kingdom, and Australia in a coordinated effort to combat its illegal activities. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) announced the sanctions against seven individuals and two entities linked to the organization, further solidifying efforts initiated in 2019 when seventeen individuals and seven entities were previously sanctioned. Among those newly sanctioned are Eduard Benderskiy, the father-in-law of the group’s leader Maksim Yakubets, and several others closely associated with the syndicate. This trilateral action emphasizes the commitment of these countries to dismantle the criminal operations of Evil Corp, known for orchestrating extensive ransomware attacks.
The sanctions entail freezing the assets of the designated individuals and businesses, prohibiting any transactions with them by organizations in the U.S., UK, and Australia. Notably, this means that any organizations victimized by Evil Corp’s ransomware attacks will not be able to make ransom payments without prior approval from OFAC, posing significant risks for businesses facing such threats. The sanctions target individuals who are believed to have deep ties to the Russian government, raising concerns about the syndicate’s collaboration with state intelligence services for cyber espionage against NATO allies. As a result, the implications of these sanctions extend beyond immediate financial penalties, potentially disrupting Evil Corp’s operational capabilities.
In conjunction with the sanctions, the United States unsealed an indictment against Aleksandr Ryzhenkov, a suspected member of Evil Corp, for conducting ransomware attacks involving the notorious BitPaymer ransomware. Ryzhenkov is accused of infiltrating the networks of multiple U.S. companies and deploying ransomware to encrypt their files, subsequently demanding ransom payments for decryption keys. This indictment represents a critical step in holding individuals accountable for their roles in cybercrime, with potential legal repercussions including severe financial penalties and imprisonment. The DOJ’s announcement underlines the severity of these offenses and the government’s commitment to pursuing justice against cybercriminals.
Evil Corp is recognized for its sophisticated cyber operations, having developed various malicious software, including the Dridex banking Trojan and multiple ransomware families. Over the years, the group has adapted its tactics in response to legal pressures, leading to the creation of different ransomware variants to evade sanctions. The organization previously separated into factions, leading to the emergence of other ransomware operations like DoppelPaymer, which continued attacking organizations until recently. With the latest sanctions and ongoing investigations, the international community is intensifying efforts to disrupt Evil Corp’s criminal network, aiming to protect businesses and individuals from the growing threat of cybercrime.
