A well-known Russian hacking group, previously sanctioned by the US, is behind the crippling ransomware attack on the Sinclair Broadcast Group, which continues to affect news channels across the country, according to a new report.

Bloomberg news quoted several people “familiar with the attack” when they reported that a group called Evil Corp. was behind the ransomware attack that took place late last week disclosed from Sinclair to both Securities and Exchange Commission (SEC) and on Monday to the public.

According to Bloomberg, the hackers used a malware virus called Macaw to attack Sinclair. The company confirmed that data was stolen in the attack, but it is still working to pinpoint exactly what data was stolen.

The Hill has contacted the Sinclair Broadcast Group for comment.

The ransomware attack has had devastating effects on Sinclair-owned and operated news networks this week. Sinclair is the second largest US television broadcaster, which owns or operates around 185 stations.

Sinclair noted Monday that the attack caused “disruption” in parts of the company, including the delivery of local advertisements, and stressed that it had “worked carefully to get things back up and running quickly and safely,” with the help of an unnamed cybersecurity firm have .

CNN reported on Monday that some television stations had problems accessing graphics, phones, and video files, and that some live segments were prerecorded.

Evil Corp. was the goal of a cross-agency effort in 2019 after it was accused of using its Dridex malware to steal over $ 100 million from hundreds of banks and financial institutions in over 40 countries.

As part of that effort, the Treasury Department imposed sanctions on 17 individuals and seven with Evil Corp. affiliates, while the State Department offered a reward of up to $ 5 millionfor information that could help arrest and convict the group’s leader, Maksim Yakubets. The Justice Department also unsealed an indictment against yakubets.

“Our goal is to shut down Evil Corp, prevent the distribution of Dridex, target the ‘Money Mule’ network used to transfer stolen funds, and ultimately protect our citizens from the group’s criminal activities “Said the former finance minister Steven MnuchinSteven MnuchinThe Hill’s Morning Report – Presented by Alibaba – Biden engages in frantic discussions about Democratic spending Former Treasury Secretary Talks with McConnell, Yellen to try to resolve the debt ceiling impasse: Report Menendez, Rubio ask Yellen to examine the JBS meat packer MORE it said in a statement at the time.

Evil Corp. is one of several Russia-affiliated groups of hackers that have come into the spotlight in recent months.

The cybercriminal REvil was linked both the ransomware attack on the meat producer JBS USA in May and the July attack on the IT group Kaseya, which affected up to 1,500 other companies. The websites used by REvil went dark in the weeks following the Kaseya attack planned law enforcement operation against the group.

The DarkSide group, believed to be also based in Russia, has been linked to the ransomware attack on the Colonial Pipeline in May, which caused fuel shortages in several states that also went offline after the incident.

A coalition of federal agencies earlier this week issue a warning Warning that the BlackMatter ransomware group targeting agricultural groups is “a possible renaming of DarkSide”.

The Biden government has taken steps to try to contain malicious cyber activity related to Russia, including with President BidenJoe BidenWhite House: Window for completing the comprehensive budget package Jayapal says a fee-free community college “probably won’t” be on the spending plan January 6th: Panel votes to despise Bannon MORE calls on the Russian President Wladimir PutinVladimir Vladimirovich PutinFBI agents rave about the Russian oligarch’s DC house Netanyahu told Putin he would be “back soon” after the election: report Russia has another daily record of deaths as COVID-19 continues to rise MORE take action against cybercriminal groups operating in Russia at a face-to-face meeting in June.


Source link
#Large #Russian #group #hackers #connection #ransomware #attack #Sinclair #report

Leave a Reply