Mikhail Pavlovich Matveev, a Russian national indicted by the U.S. government for leading a global ransomware operation, was involved in developing LockBit, Babuk, and Hive ransomware variants. Swiss cybersecurity firm PRODAFT’s analysis shows Matveev and his team’s strategies include forcing ransom payments and retaining files after payment. The data also suggest a connection between Matveev and Evgeniy Mikhailovich Bogachev, a Russian national linked to the GameOver Zeus botnet and Evil Corp.
Novel SSH backdoor leveraged in Chinese cyberespionage attacks
Attacks with the new Coyote trojan variant use an LNK file to execute a PowerShell command, which helps retrieve a PowerShell script for launching the trojan.