Connect with us


According to analysts, a hacking tool related to the Russian ring of crime used in Sinclair’s ransomware attack



According to some analysts who studied it, the code also matches the previous piracy tools attributed to the Russian group.

The criminal group, known as Evil Corp., is believed to be primarily motivated by money and is known to boast its ill-gotten wealth. U.S. authorities have previously accused him of stealing $ 100 million from victims around the world in part through access to victims ’bank account login information.

“According to someone I’ve been in direct contact with, who is part of Sinclair’s recovery team, the company was hit with Macaw ransomware, which appears to be a new Evil Corp ransomware,” Allan Liska, analyst senior intelligence from cybersecurity company Recorded Future, told CNN Business.

Sinclair, which is the second largest television operator in the United States, has been investigating the ransomware attack since Saturday. The disturbance prevented the production of local news throughout the day on Sunday and again on Monday, Sinclair officials previously told CNN Business. The company also said it was working to determine what information the hackers stole and that it had notified law enforcement and U.S. government agencies about the attack.

Neither Sinclair nor U.S. government agencies have named a culprit in the piracy. A Sinclair spokesman did not immediately respond to a request for comment.

The possible connection to Evil Corp, which Bloomberg News first reported, would mean that Sinclair Broadcast Group had been in the crosshairs of a formidable enemy.

While Evil Corp is believed to be primarily interested in making money, the Treasury Department in 2019 sanctioned alleged members of Evil Corp and accused the group leader of providing “direct assistance to the Russian government’s malicious cyber efforts. “.

Sanctions generally prohibit organizations that are victims of Evil Corp from paying the group’s ransom to unlock their data. Amid a steady stream of ransomware attacks on U.S. companies this year, the Biden administration has tried to deter companies from paying ransoms to worry it only invites more attacks.