UK cracks down on Evil Corp cybercriminals linked to Russia and attacks on NATO member states

Shape of Russia filled with Russian flag-colored internet codes on a black hacking background

(Image credit: Getty Images)

The UK National Crime Agency (NCA) has sanctioned 16 people belonging to the Evil Corp. cybercriminal organization, which has links to the Lockbit ransomware group and the Russian state.

Evil Corp. originated as a Moscow-based family financial crime group before graduating into the world of cybercrime, successfully stealing at least $300 million from healthcare, critical national infrastructure, government, and other organizations around the world.

Evil Corp, FSB, and LockBit

In 2019, an NCA investigation culminated in the US sanctioning the Evil Corp. head, Maksim Yakubets, and an administrator for the organization, Igor Turashev, alongside several other members. However, today's additional sanctions from the UK Foreign, Commonwealth and Development Office now encompasses both Yukabets and Turashev, alongside seven other individuals.

Among them is Aleksandr Ryzhenkov, an ally of Yakubets and LockBit affiliate with links to numerous ransomware attacks identified during Operation Cronos. Ryzhenkov was also identified as a perpetrator in a number of BitPaymer ransomware attacks against US organizations, and received an unsealed indictment from the US Department of Justice.

Among those sanctioned with strong links to the Russian state are Yakubets’ father, Viktor Yakubets, and former FSB official and father-in-law, Eduard Benderskiy. Speaking on the sanctions, James Babbage, Director General for Threats at the NCA said, “The action announced today has taken place in conjunction with extensive and complex investigations by the NCA into two of the most harmful cybercrime groups of all time.”

"These sanctions expose further members of Evil Corp, including one who was a LockBit affiliate, and those who were critical to enabling their activity,” Babbage continued.

"Since we supported US action against Evil Corp in 2019, members have amended their tactics and the harms attributed to the group have reduced significantly. We expect these new designations to also disrupt their ongoing criminal activity.

"Ransomware is the most significant cybercrime threat facing the UK and the world. The NCA is dedicated to working with our partners in the UK and overseas, sharing intelligence and working to disrupt the most sophisticated and harmful ransomware groups, no matter where they are or how long it takes,” Babbage concluded.

More from TechRadar Pro

These are the best internet security suites
Trump campaign now claims it boasts ‘unhackable’ tech
Take a look at the best antivirus

Benedict has been with TechRadar Pro for over two years, and has specialized in writing about cybersecurity, threat intelligence, and B2B security solutions. His coverage explores the critical areas of national security, including state-sponsored threat actors, APT groups, critical infrastructure, and social engineering.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the Centre for Security and Intelligence Studies at the University of Buckingham, providing him with a strong academic foundation for his reporting on geopolitics, threat intelligence, and cyber-warfare.

Prior to his postgraduate studies, Benedict earned a BA in Politics with Journalism, providing him with the skills to translate complex political and security issues into comprehensible copy.