Russian hackers attacked remotely working employees of companies in the United States

Russian hacker group pursues a rent-seeking attack on an American company, using their work from home employees. About it writes BBC.

Российские хакеры атакуют работающих удаленно сотрудников компаний в США

Photo: Shutterstock

Evil Corp hackers tried to gain access to at least 31 networks to damage systems and to demand millions of dollars ransom.

Against two alleged leaders of the group in December 2019 were charged by the U.S. Department of justice. There are fears that the voting system in the USA may also become a target.

In 2019, the U.S. government filed charges against the alleged leaders of the Evil Corp Maxim Akubra and Igor Turashev, accusing them of using malicious programs to steal millions of dollars from various groups, including schools and religious organizations in more than 40 countries.

Officials announced the reward of $5 million for information leading to their arrest, which, according to them, is the largest sum ever offered for a cybercriminal. Both men are still at large.

The threat is amplified due to the fact that the majority of Americans are working from home because of the pandemic, COVID-19 — 62%, according to a Gallup poll.

Before the US presidential election only a few months, and Federal and local officials are working to take measures to protect voter data, and to ensure safe voting in terms of a pandemic.

What is known about the attacks

Symantec Corporation, a company that monitors corporate and government network issued a notice, warning about the threat of hacker attacks, revealed in the evening of 25 June.

Were used in the attacks WastedLocker virus, Symantec called it a relatively new type of “ransomware”. Its creation is credited with the Evil Corp. “Ransomware” is a computer virus that threatens to delete files unless paid a ransom. Virus-extortionist WastedLocker demands a ransom of between $500,000 and $1 million to unlock the seized computer files.

Symantec said that “the vast majority of goals is a major Corporation, and eight goals — companies from the Fortune 500.

Most attacks have targeted companies from the sectors of manufacturing, information technology and media. Symantec said that hackers are already breaking into the networks of these companies and “laid the Foundation” for future attacks, “extortion”, which would allow them to block access to the data and to demand millions of dollars ransom.

Technical Director of Symantec’s Eric Chin said that getting into network hackers use employees via virtual private network (VPN).

They use VPN to determine the company, in which the user works, and then pass the virus on a user’s computer when they visit a public or commercial site. When the user connects to the system by their employer, the hackers can attack.

The context

City in Louisiana, Oregon, Maryland, Georgia, Texas and Florida were subjected to attacks of “ransomware” last year.

The Department of homeland security is considering options to strengthen the protection of databases of voters ahead of presidential elections on 3 November. In February, the head of the Agency for cybersecurity, has stated that this is a key issue of the upcoming elections.




Russian hackers

Our people