Evil Corp’s Close Ties with the Russian Government Exposed in Operation Cronos
The U.K.’s National Crime Agency (NCA) has made a significant breakthrough in its efforts to disrupt the operations of the notorious Russia-backed cybercrime gang, Evil Corp. In a statement on Tuesday, the NCA revealed that it had linked a long-standing affiliate of the LockBit ransomware group, known as ‘Beverley,’ to Aleksandr Ryzhenkov, a Russian national who is believed to be "second in command" at Evil Corp.
Operation Cronos: A Global Effort to Disrupt LockBit and Evil Corp
The NCA’s latest findings are part of Operation Cronos, a joint effort between U.K. and international law enforcement agencies aimed at disrupting the operations of LockBit, once one of the most prolific Russian ransomware gangs, and Evil Corp, one of Russia’s top cybercrime groups with known links to the Russian government.
Ryzhenkov: A Key Figure in Evil Corp’s Operations
According to the NCA, Ryzhenkov is close friends with Evil Corp founder and leader Maksim Yakubets, who was charged by the U.S. government in 2019 for his alleged role in developing and distributing the Dridex malware. Yakubets was previously accused of providing "direct assistance" to the Russian government.
New Evidence Reveals Overlaps between LockBit and Evil Corp
The NCA’s latest findings have revealed further overlaps between the two Russian cybercrime gangs, including a brief resurrection of the dark web leak site used by LockBit to list and extort its victims. The authorities believe that Ryzhenkov’s close relationship with Yakubets and his involvement in LockBit’s operations make him a key figure in Evil Corp’s operations.
U.S., U.K., and Australian Authorities Implicated in Operation Cronos
The NCA’s statement revealed that the operation involved authorities from the U.S. Department of Justice, the Australian Federal Police, and other international partners. The agencies worked together to gather evidence and disrupt the activities of LockBit and Evil Corp.
LockBit’s Code: A New Detail Revealed by Investigation
As part of its investigation into LockBit, the NCA discovered that the gang’s code was written in such a way that it would not delete a victim’s data even if they paid a ransom demand. This detail was unknown to LockBit’s affiliates, the NCA said.
U.S. Indictment of Ryzhenkov
In an updated statement, the NCA revealed that Ryzhenkov had been indicted by the U.S. Department of Justice for his alleged role in LockBit’s operations. The indictment details Ryzhenkov’s involvement in the gang’s activities and his connections to Evil Corp.
The Implications of Operation Cronos
The success of Operation Cronos marks a significant victory for law enforcement agencies in their efforts to disrupt the activities of cybercrime gangs. The operation highlights the close ties between LockBit and Evil Corp, as well as the involvement of key figures such as Ryzhenkov. As the investigation continues, it is likely that more details will emerge about the operations of these notorious gangs.
Stay Informed:
For the latest updates on Operation Cronos and other cybersecurity news, follow our coverage at TechCrunch.
Related Articles
- Cybersecurity Firm Says Russian Hackers Targeting US Energy Sector
- LockBit Ransomware Gang Disrupted in Global Law Enforcement Effort
- U.S. Sanctions Chinese Cyber Firm Linked to Flax Typhoon Hacks
