European and North American cybercrime investigators said they have dismantled the heart of a malware operation directed by Russian criminals after a global operation involving British, Canadian, Danish, Dutch, French, German and US police.
International arrest warrants have been issued for 20 suspects, most of them living in Russia, by European investigators, while indictments were unsealed in the US against 16 people.
Those charged include the alleged leaders of the Qakbot and Danabot malware operations, including Rustam Rafailevich Gallyamov, 48, who lives in Moscow and Aleksandr Stepanov, 39, AKA JimmBee, and Artem Aleksandrovich Kalinkin, 34, AKA Onix, both of Novosibirsk, Russia, the US Department of Justice said.
Photo: Reuters
Cyberattacks aimed at destabilizing governments or simple theft and blackmail are becoming increasingly pernicious. The high-street retailer Marks & Spencer is one of the most high-profile and recent victims in the UK this month.
The Europeans, led by the German crime agency, Bundeskriminalamt (BKA), released public appeals in their attempts to track down 18 suspects believed to be involved in the Qakbot malware family, along with a third malware known as Trickbot.
BKA and its international counterparts said the majority of the suspects were Russians. The Russian national Vitalii Nikolayevich Kovalev, 36, already wanted in the US, is one of BKA’s most wanted.
He is allegedly behind Conti, considered to be the most professional and best-organized ransomware blackmail group in the world, with Kovalev described as one of the “most successful blackmailers in the history of cybercrime” by German investigators.
Using the pseudonyms Stern and Ben, BKA said that he is claimed to have attacked hundreds of companies worldwide and extracted large ransom payments from them.
Kovolev, 36, from Volgorod, is believed to be living in Moscow, where several firms are registered in his name. He was identified by US investigators in 2023 as having been a member of Trickbot.
Investigators also believe he was at the helm of Conti and other blackmail groups, such as Royal and Blacksuit, founded in 2022. His own cryptowallet is said to be worth about 1 billion euros (US$1.1 billion)
BKA said that of the 37 perpetrators they identified, they had enough evidence to issue 20 arrest warrants.
The US attorney’s office in California unsealed the details of charges against 16 defendants who allegedly “developed and deployed the DanaBot malware.”
The criminal infiltrations into victims’ computers were “controlled and deployed” by a Russia-based cybercrime organization that has infected more than 300,000 computers around the world, particularly in the US, Australia, Poland, India and Italy.
It was advertised on Russian-language criminal forums and also had an “espionage variant used to target military, diplomatic, government and non-governmental organizations,” the indictment says.
“For this variant, separate servers were established, such that data stolen from these victims was ultimately stored in the Russian Federation,” it added.
Philippine President Ferdinand Marcos Jr yesterday vowed that those behind bogus flood control projects would be arrested before Christmas, days after deadly back-to-back typhoons left swathes of the country underwater. Scores of construction firm owners, government officials and lawmakers — including Marcos’ cousin congressman — have been accused of pocketing funds for substandard or so-called “ghost” infrastructure projects. The Philippine Department of Finance has estimated the nation’s economy lost up to 118.5 billion pesos (US$2 billion) since 2023 due to corruption in flood control projects. Criminal cases against most of the people implicated are nearly complete, Marcos told reporters. “We don’t file cases for
A feud has broken out between the top leaders of the far-right Alternative for Germany (AfD) party on whether to maintain close ties with Russia. The AfD leader Alice Weidel this week slammed planned visits to Russia by some party lawmakers, while coleader Tino Chrupalla voiced a defense of Russian President Vladimir Putin. The unusual split comes at a time when mainstream politicians have accused the anti-immigration AfD of acting as stooges for the Kremlin and even spying for Russia. The row has also erupted in a year in which the AfD is flying high, often polling above the record 20 percent it
Ecuadorans are today to vote on whether to allow the return of foreign military bases and the drafting of a new constitution that could give the country’s president more power. Voters are to decide on the presence of foreign military bases, which have been banned on Ecuadoran soil since 2008. A “yes” vote would likely bring the return of the US military to the Manta air base on the Pacific coast — once a hub for US anti-drug operations. Other questions concern ending public funding for political parties, reducing the number of lawmakers and creating an elected body that would
‘ATTACK ON CIVILIZATION’: The culture ministry released drawings of six missing statues representing the Roman goddess of Venus, the tallest of which was 40cm Investigators believe that the theft of several ancient statues dating back to the Roman era from Syria’s national museum was likely the work of an individual, not an organized gang, officials said on Wednesday. The National Museum of Damascus was closed after the heist was discovered early on Monday. The museum had reopened in January as the country recovers from a 14-year civil war and the fall of the 54-year al-Assad dynasty last year. On Wednesday, a security vehicle was parked outside the main gate of the museum in central Damascus while security guards stood nearby. People were not allowed in because
RSS