The cryptocurrency has been used as a tool by criminals to facilitate illegal activities for a long time. Besides using it as a mode of payment powering their illicit activities, the tech has also been exploited to launder illegal funds. A Chainalysis report states that criminal entities have laundered around $2.8 billion in Bitcoin in 2019.
Lately, cryptocurrencies have also seen growing use as ransom payments. The anonymous nature of cryptocurrencies makes it very easy for hackers to move and launder the funds. Notorious hacking groups like the Lazarus group often demand payment in cryptocurrencies.
Now, it looks like an infamous group of hackers just failed to execute a ransomware attack as it was blocked by cybersecurity firm Symantec. According to the firm, the WastedLocker ransomware attack was directed towards 31 U.S.-based firms and Fortune 500 companies, and Symantec just blocked it in time.
Symantec saves the day
The report published by the cybersecurity firm reveals that the group behind the attack is the Evil Group, a group infamous for demanding payment in Bitcoin (BTC). The group targeted the IT infrastructures of the victims but weren’t able to execute the attack as the companies were alerted in time.
The group, however, managed to penetrate the victims’ networks to try and lay the foundation for staging the attacks.
The early stages of the WastedLocker attack were first detected by Symantec’s Targeted Attack Cloud Analytics team, by utilizing advanced machine learning to identify various patterns of activity related to previous attacks.
While Symantec did not mention which companies were targeted, the report noted that the manufacturing sector was most affected. The gang had previously targeted five organizations in the manufacturing industry.
According to Symantec, had the attackers not been disrupted, “successful attacks could have led to millions in damages, downtime, and a possible domino effect on supply chains.”
A recent study by the cybersecurity firm Fox-IT, a division of NCC Group, warned about the return of Evil Group’s return after they had gone quiet for a while due to the indictment of two of the alleged members Igor Olegovich Turashev and Maksim Viktorovich Yakubets.
The gang has previously demanded millions of dollars in ransom payments in popular cryptocurrencies like Bitcoin. There have been reports that the group has asked for a sum total of $10 million from an unknown number of companies that they recently attacked.