A Russian national is accused in a series of ransomware attacks in Texas and other parts of the U.S. over a seven-year period, the Department of Justice (DOJ) announced on Tuesday.
The DOJ, citing an unsealed indictment, alleged that Aleksandr Viktorovich Ryzhenkov gained unauthorized access personal and corporate files, rendered the data inaccessible using BitPaymer software and demanded payments for a decryption key that would prevent sensitive information from being released on the dark web.
Ryzhenkov and others allegedly hacked into computer systems by taking advantage of vulnerabilities in hardware in addition to phishing campaigns and malware.
“Ransomware attacks – particularly those deployed by bad actors with ties to Russia – can paralyze a company in the time it takes to open a laptop. Whether or not the ransom is paid, recovering from a ransomware attack is generally costly and time-consuming,” said Leigha Simonton, U.S. Attorney for the Northern District of Texas.
The Department of the Treasury said Ryzhenkov targeted a New York bank, Swiss citizens and others under the pseudonym “Guester.” Authorities describe Ryzhenkov as the second in command at the Russia-based cybercriminal organization Evil Corp., a group accused of developing and distributing the Dridex malware.
Treasury also announced that Ryzhenkov, who authorities believe resides in Russia, was added to its list of specially designated nationals, which prohibits U.S. financial institutions from engaging in certain transactions and activities with him.
Bradley T. Smith, acting under secretary of the Treasury for Terrorism and Financial Intelligence, said the action announced on Tuesday “underscores our collective commitment to safeguard against cybercriminals like ransomware actors, who seek to undermine our critical infrastructure and threaten our citizens.”
“The United States, in close coordination with our allies and partners, including through the Counter Ransomware Initiative, will continue to expose and disrupt the criminal networks that seek personal profit from the pain and suffering of their victims,” Smith added.
