US complains about the management of a global cybercriminal network

US complains about the management of a global cybercriminal network

A US Federal Supreme Court published an indictment against a Russian on Thursday, which is accused of having led a global cyber criminal association. This gang has caused hundreds of million dollars worldwide.

scope of cybercrime

The investigation shows that the group targeted people in the USA and various economic sectors. This ranged from a dental practice in Los Angeles to a music company in Tennessee.

reparation for the victims

As part of the indictment, the US Ministry of Justice announced that it was working on returning more than $ 24 million in cryptocurrencies that were supposed to be stolen from the Russian and confiscated by the Ministry.

US measures against cybercrime

This is part of a long-term US criminal prosecution that makes it difficult to get Russia-based criminals to blackmail and disturb American providers of critical infrastructure with ransomware attacks. On Wednesday, the Ministry of Justice announced that it confiscated the computer systems behind another sensational hacking tool, whose mastermind is also suspected in Russia.

Russia and the delivery of criminals

The USA and Russia have no delivery contract, and the Kremlin is reserved when it comes to pursuing hackers on Russian soil as long as they do not attack Russian organizations, says US officials.

The role of Rustam Gallyamov

The Rafailevich Gallyamov, accused on Thursday, a 48-year-old from Moscow, is accused of developing malignant software called Qakbot in 2008 to infect hundreds of thousands of computers in the USA and worldwide. This malware was used in harmful ransomware attacks on health authorities and government agencies, report the prosecutors.

ransomware and financial profit

Gallyamov often received a share of the proceeds from ransomware attacks that other hackers carried out using Qakbot. For the ransomware attack on the music company in Tennessee, he received over $ 300,000, according to the indictment.

reactions and other measures

CNN has the Russian embassy in Washington D.C. to ask a comment on the allegations. The indictment offers an insight into the resistant career of a suspected cybercriminals. In 2023, the FBI and European law enforcement authorities disamed a huge network of computers infected with Qakbot and confiscated millions of dollars that belonged to the hackers.

hidden methods of cybercriminals

After this destruction, Gallyamov apparently looked for new ways to offer his malignant software cybercriminals that carried out ransomware attacks. He and his accomplices are said to have started bombing companies with spam and pretending to be IT support in order to fix the problem, according to the indictment.

rewards for information

The Foreign Ministry offered a reward of $ 10 million for information about the backers of Qakbot in 2023. It is unclear whether confidential information about Gallyamov's indictment led. In some cases, accusations are published if it is not certain whether a defendant will travel to a country that has no delivery contract with the United States.

The connections to ransomware groups

One of the main customers of Gallyamov was apparently the Ransomware gang Conti, which achieved at least $ 25 million from a number of attacks in a short period of four months in 2021, according to the crypto tracking company Elliptic. Gallyamov's hacking tool started this course for a manufacturing company in Wisconsin and a technology company in Nebraska in autumn 2021.

The effects of the Ukraine conflict

The last mention of the Conti-Ransomware group in the indictment dates from the end of January 2022. A month later, Russia started its comprehensive invasion of Ukraine, and a Ukrainian hacker Leact a wealth of data About Conti as a retaliation for its support from the Russian government. This forced the criminal network to start a new establishment, but Gallyamov apparently turned to other customers.