Russia based Evil Corp that happens to be the world’s largest malware distribution company is back in news for developing a new variant of ransomware named WastedLocker which demands a ransom of $10 million in Cryptocurrency to unlock a database.
Though the company lied low since 2016 after facing an indictment from the US Department of Justice in Dec’19 for distributing Locky ransomware to consumer households; the group is back in news for targeting millions of user machines with malware.
In 2019 the company was known to distribute Dridex malware which is an automated banking Trojan spun- out from the Zeus banking Trojan.
Now the same hacking group is reported to be distributing WastedLocker ransomware and seems to be making money in millions with it. Mainly they are seen targeting cloud environments, file servers, database services, and virtual machines and have the ability to delete backups remotely. As publishing stolen content on the dark web attracts media attention, Evil Corp doesn’t indulge in such activities, unlike Maze Ransomware distributing group.
Note- Led by Maksim Yakubets, Evil Corp is a malware distribution hacking group that is suspected to be based in Moscow and funded by the Russian government. The company was seen distributing Dridex malware through phishing email campaigns and was seen stealing banking credentials from victims. As the company uses money mules to receive stolen money, it becomes tough for law enforcement to follow the money traces to Evil Corp. Now, information is out that Dridex is being used to install WastedLocker ransomware.
