According to court documents, this wallet contained money from victims of the REvil ransomware and belonged to a partner of the hack group, Alexander Sikerin; it was linked to the email address engfog1337@gmail.com.
The GandCrab and REvil organizations operated as Ransomware-as-a-Service (RaaS), a model in which the main operators cooperate with third-party hackers called affiliates. As part of this collaboration, the main operators developed and ran the encryption/decryption software, the payment portal, and the data leak sites. Affiliates are tasked with hacking into corporate networks, stealing data, and deploying ransomware to encrypt devices.
Ransom payments are then split between the affiliates and the main operators, with the operators usually receiving 20-30% of the ransom and the affiliates the rest.
Although the FBI does not provide the attacker’s nickname, reporters note that the name engfog in the email address clearly refers to the hacker Lalartu, who previously worked with groups such as GandCrab and REvil (Sodinokibi).
An earlier McAfee report on REvil activity tracked Lalartu’s money trail. In 2019, he wrote on a Russian-language hacker forum that he had once worked with GandCrab and then switched to REvil after the first ransomware stopped working.
Let me remind you that we also wrote that FinCEN Tied $5.2 Billion Transactions to Ransomware Operations.