News

U.S. charges Ukrainian and Russian in major ransomware spree, seizes $6 million

The U.S. Justice Department charged a Ukraine national and a Russian in one of the worst ransomware attacks against American targets, court filings showed on Monday.

The latest U.S. actions follow a slew of measures taken to combat a surge in ransomware that has struck several big companies, including an attack on the largest fuel pipeline in the United States that crippled fuel delivery for several days.

An indictment accused Ukrainian Yaroslav Vasinskyi, who was arrested in Poland last month, of breaking into Florida software provider Kaseya over the July 4 weekend.

From there, he and accomplices simultaneously distributed REvil ransomware to as many as 1,500 Kaseya customers, encrypting their data and forcing some to shut down for days, it said.

Vasinskyi is charged with breaking into the victim companies and installing encryption software, developed by the core REvil group. REvil directly handled the ransom negotiations and split the profits with affiliates like Vasinskyi. This model allowed the notorious ransomware gang to extort numerous companies for cryptocurrency.

Kimberly Goody, director of financial crime analysis at security company Mandiant, said targeting affiliates could be more effective than going after the core gangs, because their skills are more prized than encryption software, which is ubiquitous. Some affiliates also work with multiple gangs.

The arrest was part of a major ongoing sweep against key ransomware figures coordinated by the FBI, Europol and national police organizations throughout Europe, with help from private security companies.

REvil, also involved in an attack against top global meatpacker JBS SA, was penetrated by the joint operation, Reuters reported previously, and authorities recovered $6 million in ransom payments.

REvil announced it was shutting down last month, as did a rival gang involved in the hack of Colonial Pipeline.

Vasinskyi and another alleged REvil operative, Russian national Yevgeniy Polyanin, were charged in U.S. District Court for the Northern District of Texas with conspiracy to commit fraud and conspiracy to commit money laundering, among other offenses.

The Treasury Department said the two face sanctions for their role in ransomware incidents in the United States, as well as a virtual currency exchange called Chatex “for facilitating financial transactions for ransomware actors.”

Latvian and Estonian government agencies were vital to the investigation, the Treasury said.

“International partnerships can disrupt bad actors,” former U.S. civilian cyber defense chief Chris Krebs said on Twitter.

Deputy Attorney General Lisa Monaco credited Kaseya for its help in the investigation. “We are here today because in their darkest hour, Kaseya made the right choice and they decided to work with the FBI… in doing so, we were able to identify and help many victims of this attack.”

The Treasury said more than $200 million in ransom payments were paid in Bitcoin and Monero.

Vasinskyi, 22, was being held in Poland pending U.S. extradition proceedings, while Polyanin, 28, remains at large. Russia’s tolerance of major gangs targeting U.S. critical industry has been a flashpoint in relations with the Biden administration.

President Joe Biden said on Monday that his administration has taken “important steps to harden” critical U.S. infrastructure against cyberattacks. “When I met with President Putin in June, I made clear that the United States would take action to hold cybercriminals accountable. That’s what we have done today”, he said in a statement released by the White House.

Although discussions continue, security experts and most U.S. officials said they had not seen an overall decrease in ransomware attacks. Encryption software used for such attacks is freely available.

Reuters could not reach legal representatives for the two men accused on Monday, and no attorneys for them were listed in court filings.

The indictment said the Ukrainian hacker and other conspirators started deploying hacking software around April 2019 and regularly updated and refined it. It said he also laundered money obtained through the extortion scheme.

Europol said earlier on Monday that Romanian authorities on Nov. 4 arrested two other individuals suspected of attacks deploying the REvil ransomware. Officials in South Korea previously arrested three more people associated with REvil and two related strains of ransomware, Europol added.

Twelve suspects believed to have mounted ransomware attacks against companies or infrastructure in 71 countries were “targeted” in raids in Ukraine and Switzerland, Europol said on Friday.

 

(Reporting by Kanishka Singh in Bengaluru, Mark Hosenball, Diane Bartz and Susan Heavey in Washington, and Joseph Menn in San Francisco; Editing by Dan Grebler)

Hoping Omicron won’t wreck Christmas, Bethlehem lights up tree

Residents lit up a giant Christmas tree outside Bethlehem’s Church of the Nativity on Saturday, hoping that a new coronavirus variant doesn’t ruin another holiday season in the traditional birthplace of Jesus.

The Palestinian city in the Israeli-occupied West Bank was all but closed last Christmas, losing its peak tourist season to the pandemic.

This December has seen Israel shut out foreign travellers for 14 days to try to prevent the Omicron variant taking hold, and the hope is that the ban will end as scheduled, in time for Christmas travel. In its last pre-pandemic winter, in 2019/20, Bethlehem hosted 3.5 million visitors.

The giant tree, topped with a bright red star, was lit up with hundreds of coloured lights as red, white and green fireworks illuminated the night sky.

Mayor Anton Salman said the travel ban had prevented several foreign delegations attending.

Nonetheless, the audience in Manger Square in front of the church was far bigger than last year, when coronavirus restrictions kept even local spectators away.

“It is very joyful, a very nice evening. The air is full of hope, full of joy, full of expectation,” said Maria, a tourist from Finland who did not provide her full name.

 

(Reporting by Mohammed Abu Ganeyeh and Yosri al-Jamal in Bethlehem and Roleen Tafakji in Jerusalem; Writing by Maayan Lubell; Editing by Kevin Liffey)

Stuck in South Africa, new travel rules put this Canadian's trip home for the holidays at risk – CBC.ca

Andrew Neumann’s hopes of making it home for the holidays have been cast into doubt by the emergence of the omicron coronavirus variant and the swift implementation of new pandemic border restrictions around the world.

“It’s actually a particularly sensitive time,” Neumann, a Canadian living in South Africa, said in an interview on CBC’s The House that aired Saturday. His son just started university in Toronto, his first year away from home, he explained. And there are other pressing concerns.

“My wife’s father is very ill. He’s in his 80s. He’s undergoing chemotherapy…. Likewise, my mother’s 91. She’s in sort of cognitive decline. I haven’t seen her in two years,” he told host Chris Hall.

“And there’s a question mark again in my mind: Am I going to be able to say goodbye?” Neumann said.

Borders tighten again (20:23): Public Safety Minister Marco Mendicino discusses new restrictions and testing measures at the border and Peel Region medical officer of health Dr. Lawrence Loh explains how his jurisdiction is dealing with concerns about omicron.

Neumann has lived in Johannesburg since 2015. He was planning to return to Canada for the holidays when new travel restrictions were put in place affecting travellers from 10 countries, mostly in southern Africa. Canadians trying to come home from those countries must now meet a series of additional testing and quarantine requirements.

Travellers must get a pre-departure molecular COVID-19 test 72 hours ahead of their departure, something Canadians are now used to, but that test must be in a third country — not any of the 10 on Canada’s list. Neumann was planning to get a test during his connection in Germany, but additional rules put in place there have made that impossible.

Canadian, German restrictions clash

A letter Neumann received from the Canadian High Commission in South Africa said German airline Lufthansa would not allow Canadians to board because of that third-country testing requirement and restrictions put in place by Germany.

Neumann’s situation closely resembles that of the Canadian junior women’s field hockey team, which has also been stuck in South Africa. The team has asked for an exemption to leave the country.

Andrew Neumann and his family have been trying to come back to Canada from South Africa. (Submitted)

Neumann said he has been struck by what he says is the “cavalier” way the government has answered the questions of would-be travellers whose plans the restrictions have thrown into limbo.

He also says the restrictions themselves make little sense given what we now know about the spread of the omicron variant.

“It just seems so disproportionate a response to southern Africa versus the rest of the world that you have to question the motivations,” he said.

In an emailed response to CBC News, Global Affairs Canada said this country’s entry requirements are meant to ensure the safety of Canadians. It said that the implementation of restrictions could disrupt travel plans but that “the decision to travel is the sole responsibility of the individual.”

“We can confirm that we are receiving reports of Canadians abroad affected by these new measures,” the statement said.

Debate over travel ban effectiveness

In a separate interview on The House, Public Safety Minister Marco Mendicino said the restrictions are being implemented to give Canada the time to assess the risk of the omicron variant and “protect the progress” the country has made against the pandemic.

“I’d acknowledge that we’re at a moment where there will be some challenges, but we put in place public health measures because of the variant of concern.”

WATCH | New travel restrictions throw travel plans into chaos: 

Omicron variant renews uncertainty for travellers

The uncertainty around the omicron variant and new COVID-19 testing and isolation requirements has some wondering if international travel is about to be upended again. 2:04

There has been significant criticism of the travel measures put in place by Canada and other countries, with growing evidence that the new variant had been circulating in several nations before South African researchers first discovered it in late November and travel restrictions were imposed.

Part of the debate has centred on the efficacy of travel restrictions themselves, with some experts arguing they do little to stop the spread of a new variant. The president of South Africa called them “unscientific” and “discriminatory.”

Mendicino said the restrictions on the 10 countries were not politically motivated but instead based on science.

“We’re doing it because we want to protect Canadians. This is not their first go-around. We’ve done this drill before, and we want to make sure that we’re taking the right decision when it comes to protecting the health and safety of Canadians,” he said.

WATCH | Debate over the effectiveness of travel restrictions: 

Travel bans unfairly target country that identified omicron variant, specialist says

Dr. Samir Gupta, a respirologist and associate professor at the University of Toronto, says travel bans to prevent the omicron variant’s spread can buy time, but penalize the countries that identify new virus variants. 7:52

For one medical officer of health in Canada, the bans are of some use but should not be the focus of government.

“You know, the honest truth is that it probably would have limited impact overall, but it may help to slow the introduction of omicron,” said Dr. Lawrence Loh of Peel Region, which hosts Toronto’s Pearson International Airport.

For Neumann, it’s clear the travel bans are not justified.

“When we know now that it’s also everywhere else in the world suggests that poorer countries are at a disadvantage, certainly versus Europe and Canada and the U.S.,” he said.

Despite the challenges so far, Neumann now has a flight booked for next Friday and describes himself as “somewhat hopeful” his travel plans will work out.

Russia says airliner had to lose height to avoid NATO spy plane

A Russian Aeroflot airliner flying from Tel Aviv to Moscow was forced to change altitude over the Black Sea because a NATO CL-600 reconnaissance plane crossed its designated flight path, Russia’s state aviation authority said on Saturday.

The state airline said flight SU501 carrying 142 passengers had had to drop 2,000 feet on Friday after air traffic control told it that another aircraft had crossed its path.

The crew were able to see the other plane when they passed in the sky, it said in a separate statement.

The aviation authority, Rosaviatsia, said a smaller CL-650 aircraft flying from the Black Sea resort of Sochi to Skopje had also had to change its course.

It did not say which NATO member the reconnaissance aircraft belonged to. Russia’s Defence Ministry said on Friday it had scrambled fighter jets to escort two U.S. military reconnaissance planes over the Black Sea.

The U.S. Embassy in Moscow made no immediate comment about the incident when it was first reported by the Interfax news agency.

Rosaviatsia said an increase in flights by NATO aircraft in the region was creating risks for civilian planes and that Moscow planned to lodge a diplomatic complaint over them.

International tensions have been rising over Ukraine and the Black Sea region.

Kyiv and NATO powers accuse Russia of building up troops near Ukraine, sparking fears of a possible attack. Moscow denies any such plan and accuses Kyiv of building up its own forces in its east, where Russian-backed separatists control a large part of Ukrainian territory.

(Reporting by Tom Balmforth and Gleb Stolyarov; Editing by Helen Popper and Kevin Liffey)
