Skip to content

Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups

Posted by:
< 1 min read

June 13, 2024 – Published on The Hacker News

The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups.

The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs.

The product is believed to have been offered to the Conti and LockBit ransomware syndicates that then used the crypter to disguise the file-encrypting malware and launch successful attacks.

The development comes as GuidePoint Security revealed that a current affiliate of the RansomHub ransomware group, who was previously a BlackCat affiliate, also has connections with the infamous Scattered Spider gang based on overlaps in observed tactics, techniques, and procedures (TTPs).

This encompasses the use of social engineering attacks to orchestrate account takeovers by reaching out to help desk personnel to initiate account password resets and the targeting of CyberArk for credential theft and lateral movement.

Read More HERE.

Categories: Incident Response & Threat Intelligence
Tags:GRITransomware

GuidePoint Security

Worldwide Web: An Analysis of Tactics and Techniques Attributed to Scattered Spider
Additional authors: Rui Ataide and Hermes Bojaxhi Executive Summary In early 2024, we identified a current affiliate of the RansomHub […]
View Page

Related Articles

View All

  • GRIT Blog
Worldwide Web: An Analysis of Tactics and Techniques Attributed to Scattered Spider
Posted by: Jason Baker
Published 06/12/24, 05:45am
Read More 11 min read
  • GRIT Blog
GRIT Ransomware Report: May 2024
Posted by: Justin Timothy
Published 06/13/24, 08:45am
Read More 18 min read
  • Incident Response & Threat Intelligence
GRIT Ransomware Report-2024-Q1
Read More < 1 min read