The creators of the malware will stand trial in Moscow.
On October 8, the Presnensky District Court of Moscow scheduled hearings in the cases of A.G. Ermakov and M.B. Lenin. Both defendants are charged under Article 273 Part 2 of the Criminal Code of the Russian Federation - creation, use or distribution of malicious computer programs committed by a group of persons or an organized group, or causing major damage, or committed out of selfish interest.
Most likely, the defendants are Alexander Gennadievich Yermakov and Mikhail Borisovich Lenin (Shefel). The case is believed to be related to the activities of a ransomware group known as SugarLocker.
Earlier in February, Russian law enforcement agencies, together with F.A.C.C.T., arrested members of the SugarLocker cybercriminal group, disguised as the legitimate IT company Shtazi-IT. The group offered services for the development of landing pages, mobile applications and online stores, using these platforms to distribute malware. The investigation revealed that the SugarLocker (Encoded01) ransomware was created in early 2021, but was not initially actively used. In November of the same year, a user under the pseudonym "GustaveDore" on the underground forum RAMP introduced an affiliate program based on the Ransomware-as-a-Service (RaaS) model, calling for cooperation to use the SugarLocker ransomware.
The announcement indicated that the group penetrates victims' networks via RDP (Remote Desktop Protocol) and offers partners 70% of the revenue, leaving 30% for SugarLocker. For revenues over $5 million, the profit sharing changes to 90% in favor of the partner and 10% for SugarLocker.
In January 2024, three members of the group, including Alexander Yermakov (known by the pseudonyms blade_runner and GustaveDore), were arrested. The investigation found that Yermakov was involved in the attacks on Medibank Private, as a result of which the data of 10 million Australians was leaked.
Source