Written by AJ Vicens
Oct 20, 2021 | CYBERSCOOP
Evil Corp., one of the most notorious and prolific Russian cybercrime groups in recent years with a leader who has been accused of working with Russian intelligence, was reportedly behind last weekend’s cyberattack on Sinclair Broadcast Group.
The revelation, first reported by Bloomberg Wednesday, is noteworthy because the U.S. Treasury department sanctioned the group in December, 2o19, making any U.S. company’s transactions with it illegal. The group used a new strain of malware called Macaw in the Sinclair attack, said Allan Liska, a senior threat analyst at Recorded Future.
The Justice Department also announced a sealed indictment against Evil Corp. leader Maksim Yakubets in 2019 the same day as the Treasury sanctions. The U.S. government accused Yakubets and another Russian national, Igor Turashev, of being behind malware strains known as Bugat and Dridex, which authorities say hackers employed to target hundreds of banks in more than 40 countries and net the group at least $100 million.
The U.S. government also accused Yakubets of providing “direct assistance” to the Russian spy agency the Federal Security Service, also known as the FSB.
A Sinclair spokesperson did not immediately respond to a request for