Some members of the group also had ties to the Russian state.
Members of the cybercrime group Evil Corp have been sanctioned in the UK, with their links exposed to the Russian state and other prolific ransomware groups.
A group who have extorted at least $300 million from global victims, including those within healthcare, critical national infrastructure, and government, among other sectors.
Evil Corp officially formed as a crime group in 2014 and were responsible for the development and distribution of BitPaymer and Dridex malware, which they used target banks and financial institutions in over 40 countries, stealing over $100m. The UK’s National Crime Agency said the group were in a privileged position, with some members having close links to the Russian state too.
Sanctions have been issued by the UK, USA and Australia against members of the group, while one man - Aleksandr Ryzhenkov - has been named as an affiliate of the LockBit ransomware operation, which the NCA has been in control of for most of this year.
Ryzhenkov has also been indicted by the US Department of Justice for using BitPaymer ransomware to target victims across the US.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
