Dmitry Khoroshev, the world’s most wanted hacker, for whom the US offers a 10 million dollar reward

In February this year, the UK’s National Crime Agency (NCA), together with police agencies from several other countries, dismantled LockBit, the ‘ransomware’ (data hijacking) group that has become one of the most prolific in history. Three months later, the U.S. has set its sights on the group’s leader, Russian Dmitry Yuryevich Khoroshev, and is offering a 10 million dollar reward for information leading to his arrest and conviction.

‘Ransomware’ is a type of cyber attack in which the victim is prevented from accessing their own data unless they pay a ransom.

Security forces from the United States, United Kingdom and Australia identified Dmitry Yurievich Khoroshev, 31, as the alleged operator of the LockBitSupp account and mentor of the famous ransomware group LockBit, which has extracted hundreds of millions of dollars from thousands of victims around the world and also sells its services to other criminals.

Wanted file of Dmitry Khoroshev. (United States Department of Justice).

Dmitry Khoroshev faces 26 charges in federal court in New Jersey.

Khoroshev is charged with one count of conspiracy to commit fraud, extortion and computer-related activities; one count of conspiracy to commit wire fraud; eight counts of intentional damage to a protected computer; eight counts of extortion relating to confidential information on a protected computer; and eight counts of extortion in relation to damage to a protected computer. In total, these charges carry a maximum sentence of 185 years in prison. Each of the 26 counts charged in the indictment also carries a maximum fine of $250,000.

According to the United States Department of Justice, LockBit attacked more than 2,500 victims in at least 120 countries, including 1,800 in the United States.

“As part of our tireless efforts to dismantle the ransomware and protect victims, the Department of Justice filed more than two dozen criminal charges against the administrator of LockBit, one of the most dangerous ransomware organizations in the world,” said Deputy Attorney General Lisa Monaco.

Among those affected by LockBit are individuals, small businesses, multinationals, hospitals, schools, non-profit organizations, and government and law enforcement agencies.

According to the Department of Justice statement, Khoroshev and his associates earned at least $500 million in ransoms paid by their victims and caused billions of dollars in losses.

Khoroshev allegedly served as developer and administrator of the LockBit group from its inception in September 2019 to the present, according to U.S. justice authorities.

“Dmitry Khoroshev conceived, developed and managed LockBit, the most prolific ransomware variant and group in the world, allowing it and its affiliates to wreak havoc and cause billions of dollars in harm to thousands of victims around the world,” said Philip R. Sellinger, the U.S. attorney for New Jersey.

“He thought he could do it hidden under his notorious nickname ‘LockBitSupp’, anonymous and free from consequences, while he personally pocketed $100 million extorted from LockBit victims. Through tireless investigation and coordination with our partners in the Criminal Division’s Computer Crimes and Intellectual Property Section, the FBI and foreign partners, we proved him and his accomplices wrong. The indictment marks an important milestone in the investigation and the prosecution of LockBit,” he added.

The prosecution maintains that Khoroshev, as a developer of LockBit, generally received 20% of each ransom payment from those extorted. The affiliate responsible for an attack received the remaining 80%.

According to the U.S., in his role as developer and administrator of LockBit, Khoroshev organized the design of the LockBit ransomware code, recruited other LockBit members (called affiliates) to search for victims, and maintained the LockBit infrastructure, including an online software panel called the “control panel,” to provide affiliates with the tools necessary to deploy the ransomware.

Khoroshev also maintained the public LockBit website to publish data stolen from victims who refused to pay ransom.

The LockBit infrastructure seized by authorities during the February 2024 operation showed that Khoroshev retained copies of stolen data from victims who paid the demanded ransom.

Khoroshev and his accomplices falsely promised victims that their stolen data would be deleted after payment.

An image released by Britain's National Crime Agency (NCA) on February 20, 2024 shows a screenshot of the website seized from the LockBit cybercrime group.  (AFP).

LockBit, which has been in operation since 2019, has been described as the most dangerous ransomware in the world. The group was responsible for 23% of the almost 4,000 attacks that occurred in 2023 across the planet.

When the LockBit ransomware infects a system, the data on the victim’s system becomes encrypted and inaccessible. The attackers then demand payment of a ransom in cryptocurrencies in exchange for the decryption key needed to restore the systems to their original state.

If the ransom is not paid, they also frequently threaten to publish the encrypted data.

LockBit has been linked to attacks on the United Kingdom’s Royal Mail, Britain’s National Health Service, aircraft manufacturer Boeing, international law firm Allen and Overy and China’s largest bank ICBC, according to the AP news agency.

LockBit attacks also paralyzed local government, judicial and school systems.

It’s hard to fight LockBit, since most of its affiliates are based in former Soviet republics and are beyond the reach of Western justice.

LockBit is run by Russian speakers. It could have hundreds of members, but there is no proof that a state like Russia is behind them.

In Operation Cronos in February of this year, authorities said they seized the servers the gang used to organize and transfer victims’ data and gained access to nearly 1,000 possible decryption keys. They also accessed the LockBit platform’s source code and a large amount of intelligence about the people the group worked with.

The objective of the operation, led by the UK National Crime Agency, was to take all of LockBit’s data and then destroy its infrastructure, causing a “major and significant degradation” of the cybercrime threat.

In February, analyst Brett Callow of cybersecurity firm Emsisoft said the operation was “probably the biggest ransomware disruption to date.” However, he added that this probably doesn’t mean the end of LockBit, as these groups resurface with new names.

Today, LockBit is still active. In March, Khoroshev gave an interview to The Record in which he said the group was still operating. But as the NCA describes it, its capacity and global impact are reduced. Since February, LockBit attacks in British territory have decreased by 73%.

Source: Elcomercio
