Posted on 03/29/2022 9:02:17 AM PDT by DUMBGRUNT
In a secret chat room run by a group of Russian-affiliated cybercriminals, a hacker expressed excitement about a plan to attack and disable more than 400 U.S. hospitals. “There will be panic,” the hacker wrote, in Russian.
The hacking enterprise, called the Trickbot Group by federal prosecutors, and its affiliates had already collected hundreds of millions of dollars by shutting down emergency rooms, city governments and public schools since 2018.
Security researchers and U.S. officials say the internal conversations amount to the most complete and candid public look yet at the operations of a criminal ransomware enterprise.
A malware developer participating in the chats used a nickname previously identified in a federal indictment as a coder for Trickbot. And gaps in the logs coincide with periods when the group’s computer infrastructure was known to have been disrupted by law enforcement or intelligence agencies, according to security researchers and the security blogger Brian Krebs.
Trickbot runs an affiliate program that allows other criminals to sign up as partners and wield the group’s ransomware, servers and even its trained ransom negotiators in exchange for a percentage of each victim’s payment.
The leaks depict a highly professional and ruthless ransomware organization at the top of its game, said John Fokker, head of cyber investigations with the security firm Trellix. “They don’t discriminate in targets; they don’t care if they go after a hospital,” he said. “It’s all about making money.”
(Excerpt) Read more at wsj.com ...
Time for Interpol to put some hefty reward money on their heads. Crooks love to betray their competitors. Then keep GITMO open.