Russian cybercriminals have been targeting employees working from home due to the coronavirus pandemic and launching ransomware attacks against several U.S. companies, a new report says.
Hackers Evil Corp has attempted to access more than 30 organizations and demand millions of dollars in ransom with the goal of crippling their networks' systems. The group's leaders in December were indicated by the U.S. Department of Justice.
Authorities are concerned that Evil Corp could be targeting the U.S. voting systems as well.
In 2019, alleged Evil Corp masterminds Igor Turashev and Maksim Yakubets were charged by U.S. authorities, accusing them of using malware to siphon millions of dollars from educational and religious groups in over 40 nations.
Authorities have offered a $5 million reward for any info leading to their arrest. It is believed to be the largest amount ever offered for a cybercriminal. Both suspects are still at large.
The threat, which was uncovered by Symantec Corporation, arrives at a time when most Americans have been tasked with work-from-home duties. The security firm issued the warning on Thursday.
Symantec has described the attack as a new type of ransomware called WasterLocker, which has been linked to Evil Corp. The WastedLocker ransomware virus demands ransoms of $500,000 to $1m to unlock computer files it seizes.
The report also revealed that among the companies attacked by Evil Corp, eight of them were Fortune 500 companies. Most of the targets had been major corporations, many of which were household names. All companies, except for one, are US-owned and comprise the media, information technology, and manufacturing sectors.
According to Symantec, the hackers had infiltrated already and started "laying the groundwork" for future ransomware attacks, meaning they have already breached these companies' networks. The attack, if successful, would block access to data in order to demand millions of dollars.
Eric Chien, Symantec's technical director, told the New York Times that Evil Corp has taken advantage of the fact that many workers have been using virtual private networks (VPNs) to access work systems while working from home.
They use VPNs to find out the company an employee works for then proceed to infect the user's computer when they visit a commercial or any public site. When the user accesses their employer's system, the attack commences.
With the U.S. presidential election merely several months away, local and federal officials are hard at work putting measures in place to safeguard the records of voters and manage safe voting practices in spite of the pandemic.
