Sanctions
Treasury sanctions North Korean over IT worker malware scheme
The U.S. Department of the Treasury sanctioned cyber actor Song Kum Hyok for his association with North Korea’s hacking group Andariel and for facilitating IT worker schemes that generated revenue for the Pyongyang regime. Considered a sub-cluster of the Lazarus group linked to North Korea’s Reconnaissance General Bureau, the Andariel state actor is focused mostly on financially-motivated […]
Aeza Group sanctioned for hosting ransomware, infostealer servers
The U.S. Department of the Treasury has sanctioned Russian hosting company Aeza Group and four operators for allegedly acting as a bulletproof hosting company for ransomware gangs, infostealer operations, darknet drug markets, and Russian disinformation campaigns. The Treasury’s Office of Foreign Assets Control (OFAC) claims that Aeza’s services were utilized by the BianLian ransomware gang, […]
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans. Funnull facilitated virtual currency investment scams (also known as romance baiting and pig butchering) by buying IP addresses in bulk from various cloud service providers. The company […]
European Union sanctions Stark Industries for enabling cyberattacks
The European Union has imposed strict sanctions against web-hosting provider Stark Industries and the two individuals running it, CEO Iurie Neculiti and owner Ivan Neculiti, for enabling “destabilising activities” against the Union. The action is part of the European Council’s effort to protect against Russian hybrid threats. It affects 21 individuals and six entities behind activities […]
Grinex exchange suspected rebrand of sanctioned Garantex crypto firm
A new cryptocurrency exchange named Grinex is believed to be a rebrand of Garantex, a Russian cryptocurrency exchange whose domains were seized by the U.S. authorities and an admin arrested. According to a new report by blockchain intelligence firm TRM Labs, Grinex shows strong ties to Garantex’s previous operations but has not determined if it’s […]
US charges Chinese hackers linked to critical infrastructure breaches
The US Justice Department has charged Chinese state security officers along with APT27 and i-Soon hackers for network breaches and cyberattacks that have targeted victims globally since 2011. Their victim list includes US federal and state government agencies, foreign ministries of multiple governments in Asia, U.S.-based dissidents, as well as a prominent religious organization in […]
US sanctions LockBit ransomware’s bulletproof hosting provider
The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. Two of its key administrators, Russian nationals Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, were also designated for their roles in directing Lockbit virtual currency transactions and […]
EU sanctions Russian GRU hackers for cyberattacks against Estonia
The European Union sanctioned three hackers, part of Unit 29155 of Russia’s military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia’s government agencies in 2020. Today, the Council of the EU says that GRU officers Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov stole thousands of sensitive documents containing classified information after breaching several Estonian ministries. […]
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic […]
US cracks down on North Korean IT worker army with more sanctions
The U.S. Treasury Department has sanctioned a network of individuals and front companies linked to North Korea’s Ministry of National Defense that have generated revenue via illegal remote IT work schemes. “The DPRK continues to rely on its thousands of overseas IT workers to generate revenue for the regime, to finance its illegal weapons programs, […]