Authorities have identified Aleksandr Viktorovich Ryzhenkov, a Russian national, as a significant figure within the infamous Evil Corp cybercrime organization and as an affiliate involved in the LockBit ransomware scheme.
Referred to by the alias “Beverley,” Ryzhenkov has reportedly been tied to the creation of more than 60 instances of LockBit ransomware and is suspected of trying to extort over $100 million from victims through ransom demands.
Reports indicate that Ryzhenkov was revealed as a result of information gathered during Operation Cronos, a collaborative investigation conducted with international partners.
Sources have disclosed that Ryzhenkov operated under the moniker “Beverley” and had connections to the pseudonym “mx1r” and the threat group UNC2165, a faction stemming from Evil Corp-affiliated elements.
Ryzhenkov has also faced sanctions from the United Kingdom’s Foreign, Commonwealth, and Development Office (FCDO), the U.S. Office of Foreign Assets Control (OFAC), and the Australian Department of Foreign Affairs and Trade (DFAT) due to his association with Evil Corp.
In a separate development, a 2023 indictment unsealed by the U.S. Department of Justice charges Ryzhenkov with utilizing the BitPaymer ransomware variant to target multiple victims in Texas and across the United States.
The indictment alleges that Ryzhenkov and his cohorts unlawfully accessed victims’ computer networks, deployed the BitPaymer ransomware, and demanded substantial ransom payments.
Deputy Attorney General Lisa Monaco stated, “The Justice Department is employing all available mechanisms to combat the ransomware menace comprehensively.”
“Today’s accusations against Ryzhenkov delineate how he and his accomplices illicitly acquired the sensitive information of innocent individuals and subsequently demanded ransom payments. Through partnerships with law enforcement agencies domestically and globally, we will persist in prioritizing the interests of victims and demonstrate to these malefactors that ultimately, they will be held accountable for their transgressions.”
Should they fall victim to ransomware attacks, individuals are advised to contact their nearest FBI field office. For additional resources on ransomware, please visit StopRansomware.gov.
The article “Authorities Unmasked LockBit Affiliate Evil Corp Key Member” was first published on Cyber Security News.