Russian Police Bust Suspected Meduza Infostealer Developers

Russian police arrested three young IT specialists suspected of developing and selling the Meduza credential-harvesting malware.

Authorities from Russia's Ministry of Internal Affairs, together with police investigators, charged the men with developing and supplying the information-stealing malware and linked it to an attack that breached and stole data from a government institution in the country's southern Astrakhan region in May, said a ministry spokeswoman in a Russian-language post to Telegram.

Police arrested all of the suspects in or around Moscow and seized computing equipment, communication devices and payment cards. Authorities didn't specify the suspects' identities or dates of arrest, or under what terms they may have been bailed. They accused the men of gaining unauthorized access to data from one of the institutions in the Astrakhan region, referring to a Russian province bordering the Caspian Sea.

Not to be confused with Medusa ransomware, the Meduza infostealer first appeared in mid-2023 and has been sold across Telegram channels and cybercrime forums.

Its popularity among cybercriminals and ties to the wider cybercrime-as-a-service ecosystem have been well documented. When the U.S. Department of Justice in July sanctioned Aeza Group, a bulletproof hosting service, it said the Meduza, Lumma and RedLine infostealers all used the provider.

"Investigators established that about two years ago, the attackers developed and began distributing software called Meduza through hacker forums," the ministry spokeswoman said. "It is designed to steal account credentials, information about crypto wallets and other computer data."

Priced from $199 for a one-month subscription to $1,199 for lifetime access, Meduza positions itself as a superior alternative to established stealers like RedLine, Raccoon and Vidar, and boasts a user-friendly GUI for attackers, allowing easy customization and log management, said cybercrime intelligence firm Hudson Rock.

Criminal use of infostealers continues to surge, collectively accounting for 5.8 million host and device infections and nearly 2 billion stolen credentials harvested just in the first half of this year, said threat intelligence firm Flashpoint.

These stolen credentials are batched into a single infostealer log for each infected system. Such files circulate on illicit marketplaces and Telegram channels, and have transformed such attacks into a pathway for gaining corporate network access and launching subsequent operations, Ian Gray, Flashpoint's vice president of intelligence, told Information Security Media Group.

Whether these arrests are part of a wider crackdown isn't yet clear. This isn't the first time Russian authorities have targeted homegrown cyber threats, but the focus on an infostealer like Meduza, often sold as a subscription service on dark web forums, suggests a broader effort to curb tools that fuel global data breaches, Hudson Rock said.

The arrest of suspected Meduza developers comes amid reports from cyber Kremlinologists that the country's intelligence establishment is making increased efforts to recruit, wield and otherwise shape homegrown cybercrime resources as deniable assets for state-sanctioned cyber operations (see: Kremlin Shaping Cybercrime Into Deniable Geopolitical Tool).

Buttressing the crackdown theory are the April arrests of several employees of bulletproof host Aeza Group. Among the detained was Yuril Meruzhanovich Bozoyan, the general director and co-owner. The ministry accused them of creating a criminal community, Russian media reported.

But apparent Russian crackdowns on cybercriminals are frequently less about enforcement and more about optics, said Alexander Leslie, a senior adviser at Recorded Future, in a LinkedIn post.

Russians accused of any type of domestic cybercrime typically face markedly less severe penalties compared to many other countries. Some exceptions apply, including for anyone accused of facilitating drug trafficking, who risk being sent to one of the country's harsh penal colonies (see: Russia Slams Life Sentence on Hydra Darknet Market's Founder).

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.