News

U.S. Offers Up to $2.5M Reward for Information on Belarusian Cybercriminal.

Kornak214
Kornak214
5 Min Read

The U.S. Department of State has announced a reward of up to $2.5 million for information leading to the arrest and/or conviction of Volodymyr Iuriyovych Kadariya, a Belarusian national involved in a major cybercrime operation. Kadariya is accused of participating in a significant malware distribution scheme that spanned nearly a decade, from October 2013 to March 2022.

Contents
What is AEK ?Key Features of Angler Exploit Kit:Decline and Shutdown:Impact:

Kadariya is linked to the distribution of the Angler Exploit Kit (AEK), a tool used by cybercriminals to deliver malware to millions of unsuspecting users through deceptive online advertisements, a technique known as “malvertising.” These ads often redirected users to malicious sites or servers designed to infect their devices or steal sensitive information. The malware delivered through these campaigns caused extensive financial losses and compromised numerous electronic devices globally.

What is AEK ?

The Angler Exploit Kit was one of the most notorious and widely used exploit kits in the mid-2010s. Exploit kits are automated tools used by cybercriminals to scan for vulnerabilities in a victim’s system and deliver malicious payloads, such as ransomware, trojans, or other forms of malware.

Key Features of Angler Exploit Kit:

  1. Delivery Mechanism:
    • Angler typically spread through compromised websites, malvertising (malicious advertisements), and phishing emails. When a user visited a compromised website or clicked on a malicious ad, Angler would silently probe the visitor’s system for vulnerabilities.
  2. Exploits Used:
    • Angler targeted a wide range of vulnerabilities, especially in widely used software like Adobe Flash, Java, Microsoft Silverlight, and Internet Explorer. It constantly updated to include new exploits, often integrating zero-day vulnerabilities.
  3. Sophisticated Evasion Techniques:
    • Angler was known for its advanced evasion capabilities, making it difficult for security software to detect. It employed techniques like fileless attacks (where the malware executes directly in memory without leaving traces on the disk), encrypted communications, and sophisticated obfuscation methods.
  4. Payloads:
    • The primary goal of Angler was to deliver malware. It was used to distribute various types of malicious software, including ransomware (like CryptoWall), banking trojans, and keyloggers. The specific payload would depend on the campaign and the targeted victim.
  5. Customization and Automation:
    • Angler was highly automated, allowing cybercriminals to launch large-scale campaigns with minimal effort. It also offered customization options, enabling attackers to choose specific vulnerabilities to exploit and payloads to deliver.

Decline and Shutdown:

  • Law Enforcement Action: In mid-2016, law enforcement agencies, particularly in Russia, took significant actions against the operators of the Angler Exploit Kit. This led to a noticeable decrease in its activity and eventual disappearance from the threat landscape.
  • Emergence of Alternatives: After the shutdown of Angler, other exploit kits like Neutrino and Rig attempted to fill the gap, but none matched Angler’s level of sophistication and widespread use.

Impact:

  • Angler was responsible for a significant amount of malware distribution during its peak. It played a major role in the proliferation of ransomware and other malware, causing extensive financial damage to businesses and individuals.

In June 2023, Kadariya was indicted by a federal grand jury in New Jersey on charges including conspiracy to commit wire fraud and computer fraud. The indictment outlines his involvement in various schemes that not only distributed malware but also tricked victims into downloading harmful software or revealing personal and financial information through fake security alerts—commonly referred to as “scareware.”

This reward offer is part of the U.S. government’s efforts to combat transnational organized crime, particularly in the cyber realm, and reflects the significant threat posed by such criminal activities to both U.S. and global cybersecurity.

If you have information about Kadariya, the U.S. government encourages you to contact the U.S. Secret Service or your nearest U.S. Embassy or Consulate​(SecretService,PublicNow).

More Read

US Governement
U.S. and Russia Swap High-Profile Cybercriminals in Largest Prisoner Exchange Since Cold War
Admins of ‘WWH-Club credit card’ market arrested .
TAGGED:
Share This Article
Previous Article Qilin Ransomware : A New Polymorphic Malware attacking sensitive Industries.
Next Article Build Your Own IoT Mobile App With Blynk.
Leave a comment

What Do You Consider the Most Challenging Cybersecurity Vulnerability to Mitigate?

  • Advanced Persistent Threats (APTs) 50%, 2 votes
    2 votes 50%
    2 votes - 50% of all votes
  • Phishing and Social Engineering 25%, 1 vote
    1 vote 25%
    1 vote - 25% of all votes
  • Ransomware 25%, 1 vote
    1 vote 25%
    1 vote - 25% of all votes
  • Insider Threats 0%, 0 votes
    0 votes
    0 votes - 0% of all votes
  • Supply Chain Attacks 0%, 0 votes
    0 votes
    0 votes - 0% of all votes
  • Zero-Day Exploits 0%, 0 votes
    0 votes
    0 votes - 0% of all votes
  • Cloud Security Misconfigurations 0%, 0 votes
    0 votes
    0 votes - 0% of all votes
Total Votes: 4
August 14, 2024 - September 30, 2024
Voting is closed

Thanks for your opinion !

Latest Articles

Why Pixhawk Stands Out: A Technical Comparison of Flight Controllers.
DIY Projects Gadgets & Electronics
How hackers are making millions selling video game cheats ?
Cybersecurity News
$16.5 Million Lottery Scam That Shook America’s Lotteries.
Cybersecurity
The Rise of Sentient AI: Are We Facing a New Reality?
A.I

Stay Connected