The Tennessee Conservative [By Adelia Kirchner] –
Several Russian nationals have officially been charged with conspiring to use ransomware to attack the computer systems of both private and government entities located in Middle Tennessee.
The Southern District of California and the Northern District of Ohio are two of the other locations impacted by these crimes.
According to the Department of Justice (DOJ), three separate indictments have been unsealed, one for each of the three states.
The indictments charge “multiple Russian cybercrime actors involved in the Trickbot malware and Conti ransomware schemes.”
Trickbot, a suite of malware tools designed specifically to steal money and install ransomware, was taken down last year.
The malware victimized various hospitals, schools, and businesses, which lost millions of dollars because of the scheme.
While it was still active, Trickbot acted as a support system for multiple ransomware variants including Conti, a ransomware program used to attack over 900 victims worldwide.
This included victims in approximately 47 states, the District of Columbia, Puerto Rico, and about 31 other countries.
In a September 7th press release, the DOJ announced that a federal grand jury in the Middle District of Tennessee charged Maksim Galochkin, Maksim Rudenskiy, Mikhail Mikhailovich Tsarev, and Andrey Yuryevich Zhuykov with “conspiring to use Conti ransomware to attack businesses, nonprofits, and governments in the United States beginning in 2020 and continuing through June 2022.”
The conspirators did so by allegedly extorting funds from victims in Middle Tennessee and encrypting the computer systems of a local sheriff’s department, a local police department, and local emergency medical services.
“If you don’t [know Conti] – just ‘google it,’” read ransom notes left on the computer systems of Conti victims.
The DOJ stated that Galochkin was a “crypter” for Conti and modified the ransomware so that it wouldn’t be detected by anti-virus programs, Rudenskiy was a supervising developer, Tsarev was a manager of other Conti conspirators, and Zhuykov managed various aspects of the Conti infrastructure itself.
Now each of these individuals has been charged with one count of conspiracy to violate the Computer Fraud and Abuse Act and one count of wire fraud conspiracy.
If convicted, each of them could face up to 25 years in prison.
“The conspirators who developed and deployed Conti ransomware victimized businesses, governments, and non-profits around the world, including a sheriff’s office and an emergency medical service in Tennessee,” stated U.S. Attorney Henry C. Leventis. “We will continue to use the full power of this office to ensure that hackers can no longer hide behind their computer screens and to hold them accountable.”
FBI Director Christopher Wray also made a statement on the indictment saying, “Today’s announcement shows our ongoing commitment to bringing the most heinous cyber criminals to justice – those who have devoted themselves to inflicting harm on the American public, our hospitals, schools, and businesses.”
More information on the indictments in California and Ohio can be found here.
About the Author: Adelia Kirchner is a Tennessee resident and reporter for the Tennessee Conservative. Currently the host of Subtle Rampage Podcast, she has also worked for the South Dakota State Legislature and interned for Senator Bill Hagerty’s Office in Nashville, Tennessee. You can reach Adelia at firstname.lastname@example.org.