European and North American cybercrime investigators said they have dismantled the heart of a malware operation directed by Russian criminals after a global operation involving British, Canadian, Danish, Dutch, French, German and US police.
International arrest warrants have been issued for 20 suspects, most of them living in Russia, by European investigators, while indictments were unsealed in the US against 16 people.
Those charged include the alleged leaders of the Qakbot and Danabot malware operations, including Rustam Rafailevich Gallyamov, 48, who lives in Moscow and Aleksandr Stepanov, 39, AKA JimmBee, and Artem Aleksandrovich Kalinkin, 34, AKA Onix, both of Novosibirsk, Russia, the US Department of Justice said.
Photo: Reuters
Cyberattacks aimed at destabilizing governments or simple theft and blackmail are becoming increasingly pernicious. The high-street retailer Marks & Spencer is one of the most high-profile and recent victims in the UK this month.
The Europeans, led by the German crime agency, Bundeskriminalamt (BKA), released public appeals in their attempts to track down 18 suspects believed to be involved in the Qakbot malware family, along with a third malware known as Trickbot.
BKA and its international counterparts said the majority of the suspects were Russians. The Russian national Vitalii Nikolayevich Kovalev, 36, already wanted in the US, is one of BKA’s most wanted.
He is allegedly behind Conti, considered to be the most professional and best-organized ransomware blackmail group in the world, with Kovalev described as one of the “most successful blackmailers in the history of cybercrime” by German investigators.
Using the pseudonyms Stern and Ben, BKA said that he is claimed to have attacked hundreds of companies worldwide and extracted large ransom payments from them.
Kovolev, 36, from Volgorod, is believed to be living in Moscow, where several firms are registered in his name. He was identified by US investigators in 2023 as having been a member of Trickbot.
Investigators also believe he was at the helm of Conti and other blackmail groups, such as Royal and Blacksuit, founded in 2022. His own cryptowallet is said to be worth about 1 billion euros (US$1.1 billion)
BKA said that of the 37 perpetrators they identified, they had enough evidence to issue 20 arrest warrants.
The US attorney’s office in California unsealed the details of charges against 16 defendants who allegedly “developed and deployed the DanaBot malware.”
The criminal infiltrations into victims’ computers were “controlled and deployed” by a Russia-based cybercrime organization that has infected more than 300,000 computers around the world, particularly in the US, Australia, Poland, India and Italy.
It was advertised on Russian-language criminal forums and also had an “espionage variant used to target military, diplomatic, government and non-governmental organizations,” the indictment says.
“For this variant, separate servers were established, such that data stolen from these victims was ultimately stored in the Russian Federation,” it added.
BACKLASH: The National Party quit its decades-long partnership with the Liberal Party after their election loss to center-left Labor, which won a historic third term Australia’s National Party has split from its conservative coalition partner of more than 60 years, the Liberal Party, citing policy differences over renewable energy and after a resounding loss at a national election this month. “Its time to have a break,” Nationals leader David Littleproud told reporters yesterday. The split shows the pressure on Australia’s conservative parties after Prime Minister Anthony Albanese’s center-left Labor party won a historic second term in the May 3 election, powered by a voter backlash against US President Donald Trump’s policies. Under the long-standing partnership in state and federal politics, the Liberal and National coalition had shared power
NO EXCUSES: Marcos said his administration was acting on voters’ demands, but an academic said the move was emotionally motivated after a poor midterm showing Philippine President Ferdinand Marcos Jr yesterday sought the resignation of all his Cabinet secretaries, in a move seen as an attempt to reset the political agenda and assert his authority over the second half of his single six-year term. The order came after the president’s allies failed to win a majority of Senate seats contested in the 12 polls on Monday last week, leaving Marcos facing a divided political and legislative landscape that could thwart his attempts to have an ally succeed him in 2028. “He’s talking to the people, trying to salvage whatever political capital he has left. I think it’s
CONTROVERSY: During the performance of Israel’s entrant Yuval Raphael’s song ‘New Day Will Rise,’ loud whistles were heard and two people tried to get on stage Austria’s JJ yesterday won the Eurovision Song Contest, with his operatic song Wasted Love triumphing at the world’s biggest live music television event. After votes from national juries around Europe and viewers from across the continent and beyond, JJ gave Austria its first victory since bearded drag performer Conchita Wurst’s 2014 triumph. After the nail-biting drama as the votes were revealed running into yesterday morning, Austria finished with 436 points, ahead of Israel — whose participation drew protests — on 357 and Estonia on 356. “Thank you to you, Europe, for making my dreams come true,” 24-year-old countertenor JJ, whose
UNSCHEDULED VISIT: ‘It’s a very bulky new neighbor, but it will soon go away,’ said Johan Helberg of the 135m container ship that run aground near his house A man in Norway awoke early on Thursday to discover a huge container ship had run aground a stone’s throw from his fjord-side house — and he had slept through the commotion. For an as-yet unknown reason, the 135m NCL Salten sailed up onto shore just meters from Johan Helberg’s house in a fjord near Trondheim in central Norway. Helberg only discovered the unexpected visitor when a panicked neighbor who had rung his doorbell repeatedly to no avail gave up and called him on the phone. “The doorbell rang at a time of day when I don’t like to open,” Helberg told television
RSS