US Seizes $2.8 Million From Zeppelin Ransomware Operator

Posted on By CWS

The US Division of Justice introduced prices in opposition to a Zeppelin ransomware operator and the seizure of greater than $2.8 million from his cryptocurrency pockets.

The person, Ianis Aleksandrovich Antropenko, allegedly deployed Zeppelin in opposition to companies, organizations, and people worldwide, encrypting their information and exfiltrating it for extortion.

The identical as in different ransomware operations, Antropenko and his co-conspirators demanded a ransom fee from their victims in trade for decrypting their information and for not publishing it on-line.

Final week, the DOJ unsealed six warrants looking for the seizure of $2.8 million in cryptocurrency, together with $70,000 in money and a luxurious car, that are believed to be proceeds from the ransomware actions of Antropenko and his co-conspirators.

The suspects allegedly laundered the proceeds via varied means, together with the cryptocurrency mixing service ChipMixer, which was taken down by legislation enforcement in 2023, and by exchanging the digital belongings to money that was then deposited in structured money deposits.

Antropenko was charged with laptop fraud and abuse conspiracy, laptop fraud and abuse, and cash laundering conspiracy.

First noticed in 2019, the Zeppelin ransomware was derived from the Delphi-based Vega (VegaLocker) ransomware-as-a-service (RaaS) household, and was utilized in extremely focused assaults, primarily in opposition to healthcare and tech organizations in Europe and the US.

In 2022, the US cybersecurity company CISA and the FBI warned that Zeppelin was exploiting RDP connections and vulnerabilities in SonicWall firewalls for preliminary entry, and that its operators would generally execute the ransomware a number of occasions inside the identical community.Commercial. Scroll to proceed studying.

By the point CISA and the FBI printed their advisory, the Zeppelin operation had disappeared and in November 2022 it was revealed that vulnerabilities within the malware’s encryption course of had allowed cybersecurity consulting agency Unit 221B to crack its encryption keys in early 2020.

Associated: Manpower Says Information Breach Stemming From Ransomware Assault Impacts 140,000

Associated: Assist Desk at Danger: Scattered Spider Shines Mild on Overlook Menace Vector

Associated: Minnesota Prompts Nationwide Guard in Response to Cyberattack

Associated: NASCAR Confirms Private Info Stolen in Ransomware Assault

Security Week News Tags:, , , ,

Related Posts

Cisco Patches Critical ISE Vulnerability With Public PoC Security Week News
SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack Security Week News
Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities Security Week News
Geordie Emerges From Stealth With $6.5M for AI Agent Security Platform Security Week News
Pixnapping Attack Steals Data From Google, Samsung Android Phones Security Week News
Healthcare Services Group Data Breach Impacts 624,000 Security Week News