The US authorities have published a management scheme for Russian Evil Corp, which, in their opinion, is responsible for distributing ransomware.
The United States, U.K., and Australia have consistently added members of Evil Corp to their sanctions lists, with the last update being on October 1st.
One of the central figures in the organization, according to the US Department of the Treasury, is Eduard Benderskiy (Cyrillic: Эдуард Бендерский), a former FSB officer, businessman, and father-in-law to Evil Corp leader Maksim Yakubets.
The US Department of Treasury states that Bendersky, in 2019, used his connections to facilitate a business deal between Maksim Yakubets and official Dmitry Kozak. He also organized a meeting to discuss contracts between Yakutzk and German Gref, the head of Russia’s Sberbank.
Now, Benderski is the CEO, founder, and 100% owner of Russian companies Vimpel-Assistance and Solar-Invest. In a statement, the US Treasury Department said that Evil Corp was a Russian cybercrime organization responsible for developing and distributing the Dridex malware.
The Russian company Kaspersky Lab, which develops software to combat computer viruses, stated in 2017 that the main difference between Dridex and other malware was that it had existed since 2011 and was constantly evolving and becoming more complex.
In 2015, damage caused by Dridex was estimated at $40 million. Dridex’s main target was customers of banks and financial institutions. In the first months of 2017, Dridex had been active in several European countries with 60% of all incidents occurring in the UK, followed by Germany and France. There were no attempts to infect Russia with Dridex.
These individuals and entities linked to Evil Corp. were added to OFAC’s SDN List in October 1:
- BENDERSKIY, Eduard Vitalyevich (Cyrillic: БЕНДЕРСКИЙ, Эдуард Витальевич), Russia; DOB 25 Jun 1970; nationality Russia; citizen Russia;
- POGODIN, Vadim Gennadievich (Cyrillic: ПОГОДИН, Вадим Геннадьевич), Moscow, Russia; DOB 19 Mar 1986; POB Moscow, Russia; nationality Russia; Passport 642774845 (Russia);
- RAMAZANOV, Beyat Enverovich (Cyrillic: РАМАЗАНОВ, Беят Энверович), Moscow, Russia; DOB 05 Jan 1988; POB Moscow, Russia; nationality Russia; Passport 735947775 (Russia); alt. Passport 641209339 (Russia);
- RYZHENKOV, Aleksandr Viktorovich, Russia; DOB 26 May 1993; nationality Russia; Passport 643501126 (Russia);
- RYZHENKOV, Sergey Viktorovich, Moscow, Russia; DOB 15 Feb 1989; POB Uzbekistan; nationality Russia; Passport 712199247 (Russia);
- SHCHETININ, Aleksey Yevgenevich, Russia; DOB 22 Aug 1987; nationality Russia; Gender Male; Passport 760960574 (Russia); alt. Passport 713133176 (Russia);
- YAKUBETS, Viktor Grigoryevich (Cyrillic: ЯАКУБЕЦ, Виктор Григорьевич), Russia; DOB 19 Feb 1964;
- SOLAR-INVEST LLC (Cyrillic: ООО СОЛАР-ИНВЕСТ), Ul. Usacheva D. 29, K. 9, pom. IV, Komn. 16, Moscow 119048, Russia; Tax ID No. 9704025618 (Russia);
- VYMPEL-ASSISTANCE LLC (Cyrillic: ООО ВЫМПЕЛ-СОДЕЙСТВИЕ), Ul. Bobruiskaya, d.1, Moscow 121351, Russia; Per. Afanasevski B., d. 5/12, str. 7, Moscow, Russia; Tax ID No. 7731582597 (Russia).
