Russian intelligence services worked with prominent ransomware gangs to compromise U.S. government and government-affiliated organizations, according to new research from cybersecurity firm Analyst1.
Two Russian intelligence bureaus — the Federal Security Service, or FSB, and Foreign Intelligence Service, or SVR — collaborated with individuals in “multiple cybercriminal organizations,” security analysts with the firm say in the report. The research indicates these cybercriminals helped Russian intelligence develop and deploy custom malware targeting American companies that serve U.S. military clients.
The hacking groups used a variation of the so-called Ryuk ransomware — used for attacks on large enterprises — called “Sidoh,” created specifically for espionage, according to Analyst1. The code was launched sometime between June 2019 and January 2020 and hid in the background of Windows machines, silently harvesting keystrokes and sensitive documents.
Article submitted by, AucepsTheLocalMilkPerson.