Image: NCA
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.
Advertisement
In December 2019, the U.S. government sanctioned Evil Corp. In its report Mandiant says it believes the group has moved to using LockBit in an effort “hinder attribution efforts in order to evade sanctions.” Evil Corp using LockBit to avoid sanctions could make sense because LockBit acts as a ransomware-as-a-service. With this, affiliate hackers can break into a target and then use the ransomware in an attempt to extort money from the victim. After a successful payment, the affiliate hackers then transfer a percentage of that money to the LockBit authors, LockBit’s website reads. In other words, a lot of different hackers use LockBit, and Evil Corp could blend into the crowd and still receive payments because its victims might not realize they are dealing with a sanctioned entity.Do you have any more information on Evil Corp or LockBit? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.
Advertisement