Some members of the group also had ties to the Russian state.
Members of the cybercrime group Evil Corp have been sanctioned in the UK, with their links exposed to the Russian state and other prolific ransomware groups.
A group who have extorted at least $300 million from global victims, including those within healthcare, critical national infrastructure, and government, among other sectors.
Evil Corp officially formed as a crime group in 2014 and were responsible for the development and distribution of BitPaymer and Dridex malware, which they used target banks and financial institutions in over 40 countries, stealing over $100m. The UK’s National Crime Agency said the group were in a privileged position, with some members having close links to the Russian state too.
Sanctions have been issued by the UK, USA and Australia against members of the group, while one man - Aleksandr Ryzhenkov - has been named as an affiliate of the LockBit ransomware operation, which the NCA has been in control of for most of this year.
Ryzhenkov has also been indicted by the US Department of Justice for using BitPaymer ransomware to target victims across the US.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
