US Authorities Crack Down on Zeppelin Ransomware, Charging Operator and Seizing Millions in Cryptocurrency and Other Assets
The US DOJ charged a Zeppelin ransomware operator, seizing $2.8 million in crypto, cash, and assets. The case highlights ransomware’s global threat despite law enforcement progress in arrests, asset seizures, and malware takedowns.

The US Department of Justice (DOJ) filed charges against a ransomware operator associated with the Zeppelin malware. Authorities reportedly seized more than $2.8 million in cryptocurrency, as well as $70,000 in cash and a luxury vehicle, which are thought to be proceeds from the criminal plot.
The suspect, Ianis Aleksandrovich Antropenko, allegedly utilised Zeppelin ransomware to target businesses, organisations, and individuals worldwide. His tactics included encrypting and stealing victims' data before demanding ransom payments to restore access and prevent the stolen information from being leaked online.
Antropenko and his group demanded payment in cryptocurrency, as other ransomware operators do. The DOJ revealed that they concealed the illegal funds and converted virtual assets into cash, which was subsequently deposited in smaller amounts to avoid detection.
Antropenko now faces a number of serious charges, including conspiracy to commit computer fraud and abuse, as well as illegal fund transfer.
The Zeppelin ransomware first appeared in 2019. It was based on the VegaLocker ransomware-as-a-service family and was known to target healthcare and technology organisations, mostly in Europe and the United States. The ransomware was sophisticated and frequently used in targeted attacks, causing significant interruptions for victims.
In 2022, the US cybersecurity agency CISA and the FBI issued a warning regarding Zeppelin. They found that the malware's operators used Remote Desktop Protocol (RDP) connections and vulnerabilities in SonicWall firewalls to gain network access. In some cases, the criminals ran the ransomware multiple times on the same system to maximise the harm.
However, Zeppelin's run came to an end when flaws in its encryption scheme were discovered. The cybersecurity firm Unit 221B broke its encryption keys as early as 2020, allowing victims to recover their data without paying ransoms.
This case underscores the ongoing struggle against ransomware operations worldwide. While law enforcement has made progress with arrests and asset seizures, ransomware continues to pose a significant danger to organisations and individuals alike.
Information referenced in this article is from Securityweek