Cyber security company Symantec blocked a known group’s ransomware attack for requesting payment in Bitcoin (BTC). The attack was directed against 30 US-based companies. and companies among the 500 richest in the world.
The announcement, released by the cybersecurity company, states that the Evil Group is the cybercriminals group behind these attacks targeting companies’ IT infrastructures. However, companies were alerted in good time to avoid ransomware. The group used the WastedLocker ransomware, breached the security of the victims’ networks, and unsuccessfully attempted to pave the way for the attacks.
The group asks for millionaire payments
Cointelegraph recently reported that a study by cyber security company Fox-IT, a division of the NCC Group, warned of the return of Evil Group’s cybercrime activity after a short period of inactivity.
The group is known for asking its victims to pay millions in ransom in cryptocurrencies like Bitcoin. There are reports that the group had claimed a total of $ 10 million from an unknown number of US companies that were recently attacked.
The team from Symantec, Targeted Attack Cloud Analytics, first discovered the early stages of the WastedLocker attacks, By relying on advanced machine learning to identify activity patterns associated with recent attacks.
The Evil Group targeted 31 companies, one of which is a US-based subsidiary, in the failed attack. of a multinational abroad.
The most affected sector
Symantec did not identify the expected victims, but the cyber security company’s report said manufacturing was most affected. because the group focused on five organizations related to this sector.
According to Symantec If the attackers had not been interrupted, “successful attacks could have caused millions of damage, downtime, and a possible wave effect on the supply chain.”
The Evil Group had ceased operations until January 2020 following charges against its suspected members Igor Olegovich Turashev and Maksim Viktorovich Yakubets.