Hackers operating from Russia are increasing ransomware attacks against major American companies, threatening to paralyze their networks if they do not meet their demands for millions of dollars, security researchers warn.

Cybersecurity firm Symantec said Thursday that it had identified at least 31 targets in the United States, including eight Fortune 500 companies.

« The attackers behind this threat appear to be skilled and experienced, able to break into some of the best-protected corporations, steal credentials, and move easily through their networks. As such, WastedLocker is a highly dangerous piece of ransomware, » he said. in its warning the threat intelligence division of Symantec, owned by Broadcom.

« At least 31 client organizations have been attacked, which means that the total number of attacks may be much higher. The attackers had violated the networks of the target organizations and were in the process of preparing the ground for ransomware attacks. »

Earlier in the week, a similar warning was issued by British security firm NCC Group, which in May identified the ransomware strain called WastedLocker as a new threat.

Investigators said those responsible for the attacks included two Russian citizens, Igor Olegovich Turashev and Maksim Viktorovich Yakubets, who were charged in the United States in December for their involvement with an entity known as Evil Corp, accused of hacking into American and British banks.

NCC analyst Stefano Antenucci wrote that researchers can demonstrate « with great confidence » that the latest ransomware is from Evil Corp, which has been using so-called Dridex malware since July 2014.

The United States indictment alleges that the group is allegedly linked to malware inserted by Russian intelligence into computers in dozens of countries to steal more than $ 100 million from local companies and authorities.

The accusation was accompanied by US Treasury sanctions against both men, as well as the announcement of a $ 5 million reward for the arrest and conviction of Yakubets, the highest reward ever offered by a cybercriminal.

Another extensive hacking operation had its conclusion Thursday, when Russian hacker Sergey Medvedev pleaded guilty before a Nevada court, the US Department of Justice reported.

The 33-year-old man, arrested in Thailand in 2018, led a criminal network and had founded the « Infraud Organization » platform, where stolen credit card information and other personal data were exchanged.

With the slogan « In Fraud We Trust », the network, which had 10,901 members in 2017, became number one to buy goods with fraudulent banking information, causing damages of 530 million dollars.

rl / jh / ll / dg / gma / lda