Worst Hackers Avoid Attacks on Eastern European Countries: Report


Some of the most notorious hackers avoid attacks on organizations in Eastern European countries.

According to cybersecurity news site Krebson Security, the criminal organization behind the Colonial Pipeline cyberattack, DarkSide and other prominent hacker groups have partners install malicious software on computers that speak a certain language. That is forbidden.

This has been the case since the dawn of organized cybercrime, “with the aim of minimizing surveillance and interference by local governments,” said Krebs in a post in which certain malware was found in Russia. A virtual keyboard in Russian or Ukrainian is installed.

On Saturday, May 13, 2017, a screenshot of a warning screen alleged to be a ransomware attack was displayed on a laptop in Beijing by a Taiwanese computer user.
(AP photo / MarkSchefelbein)

Biden provided Putin’s list of the 16 most important infrastructure facilities that are “not allowed” against cyber attacks

Cybereason, a cybersecurity firm, confirmed in April that the dark side is being used against targets in English-speaking countries and bypassing targets in countries related to the former Soviet bloc countries. I pointed this out.

According to an April Cybereason report, “DarkSide ransomware checks the system’s language the first time it is run on an infected host to ensure systems in former Soviet-speaking countries are not encrypted. I will do that. “

According to a Cybereason post, there is a prohibited installation list used by DarkSide based on the language of the software on the victim’s computer.

These include Russian, Azerbaijani, Uzbek, and Ukrainian.

WINDOWS 10 has ransomware protection built in: How to Use

The Photon research team at Digital Shadows, a cyber risk protection company, said in a notice sent to Fox News that the Avaddon ransomware contains a ban targeting the Commonwealth of Independent States (CIS) countries.

“The threat actors who specialize in different types of cybercrime adhere to this rule. This is not limited to ransomware groups. Many Russian cybercrime platforms have members who are victims of this area. The rules expressly state that we should avoid using ransomware, ”says the Photon Research Team. ..

According to Inga Goddijn, Executive Vice President of Risk Based Security, cyber criminals behave like any other criminal company.

Click here for the Fox News app

“They prefer to work in places where law enforcement agencies are loose, underfunded, or where they tend to turn a blind eye to their activities,” Godin said. “If you have the authority to allow business continuity in exchange for some protection from your local company, it’s not surprising that attackers are trying to enforce that requirement.”


About Author

Leave A Reply