Author Archives: hubbleventures

Enlarge (credit: Getty Images)

Russian law enforcement authorities said on Friday that they have arrested 14 people associated with REvil, a top ransomware group that has disrupted critical operations of wealthy targets and held their data hostage.

The action, carried out by Russia’s FSB, the successor agency to the KGB, is a rare example of the country’s government cracking down on cybercrime by its citizens. The US and Russia have no extradition treaty in place, and critics have said the Kremlin routinely harbors cybercriminals as long as they don’t target organizations located in the former Soviet Union. The arrests come as tensions between Russia and the US escalate over a standoff involving Ukraine.

Big-game hunter neutralized

“The FSB of Russia established the full composition of the criminal community ‘REvil’ and the involvement of its members in the illegal circulation of means of payment and documented illegal activities,” Russian officials wrote. “In order to implement the criminal plan, these persons developed malicious software and organized the theft of funds from the bank accounts of foreign citizens and their cashing, including by purchasing expensive goods on the Internet.”

Enlarge / A Ukrainian Military Forces serviceman watches through a spyglass in a trench on the frontline with Russia-backed separatists near Avdiivka, southeastern Ukraine, on January 9, 2022. (credit: Anatolii Stepanov | Getty Images)

Ukraine said it was the target of a “massive cyber attack” after about 70 government websites ceased functioning.

On Friday morning targets included websites of the ministerial cabinet, the foreign, education, agriculture, emergency, energy, veterans affairs, and environment ministries. Also out of service were the websites of the state treasury and the Diia electronic public services platform, where vaccination certificates and electronic passports are stored.

“Ukrainians! All your personal data has been uploaded to the public network,” read a message temporarily posted on the foreign ministry’s website. “All data on your computer is being erased and won’t be recoverable. All information about you has become public, fear and expect the worst.”

Enlarge (credit: Getty Images)

Over the past few months, geopolitical tensions have escalated as Russia amassed tens of thousands of troops along Ukraine’s border and made subtle but far-reaching threats if Ukraine and NATO don’t agree to Kremlin demands.

Now, a similar dispute is playing out in cyber arenas, as unknown hackers late last week defaced scores of Ukrainian government websites and left a cryptic warning to Ukrainian citizens who attempted to receive services.

Be afraid and expect the worst

“All data on the computer is being destroyed, it is impossible to recover it,” said a message, written in Ukrainian, Russian, and Polish, that appeared late last week on at least some of the infected systems. “All information about you has become public, be afraid and expect the worst.”

Enlarge

The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it’s no surprise that the relentless North Korean hackers who feed off that booming crypto economy had a very good year as well.

North Korean hackers stole a total of $395 million worth of crypto coins last year across seven intrusions into cryptocurrency exchanges and investment firms, according to blockchain analysis firm Chainalysis. The nine-figure sum represents a nearly $100 million increase over the previous year’s thefts by North Korean hacker groups, and it brings their total haul over the past five years to $1.5 billion in cryptocurrency alone—not including the uncounted hundreds of millions more the country has stolen from the traditional financial system. That hoard of stolen cryptocurrency now contributes significantly to the coffers of Kim Jong-un’s totalitarian regime as it seeks to fund itself—and its weapons programs—despite the country’s heavily sanctioned, isolated, and ailing economy.