The Australian authorities has introduced sanctions for Aleksandr Gennadievich Ermakov, a Russian nationwide thought-about accountable for the 2022 Medibank hack and a member of the REvil ransomware group.
Medibank is a big medical health insurance supplier in Australia that suffered a ransomware assault in October 2022, inflicting operational and enterprise disruption.
The leaked information included names, electronic mail addresses, telephone numbers, bodily addresses, passport numbers, well being claims data, and well being supplier particulars.
According to the most recent modification of the Autonomous Sanctions doc (model F2024L00099), Ermakov used a number of aliases, together with Gustave Dore, aiiis_ermak, blade_runnerand JimJone.
While not a lot is thought about Ermakov, BleepingComputer discovered somebody utilizing the menace actor’s ‘GustaveDore’ alias to put up on the Russian-speaking XSS hacking discussion board and providing PHP growth companies.
Responsible for essentially the most damaging cyberattack in Australia’s historical past, as native media characterised it, was a ransomware gang known as ‘BlogXXX,’ which many believed to be a relaunch of the REvil operation that had shut down in October 2021.
In a press convention at Canberra, Australia’s Home Affairs and Cyber Security Minister confirmed that Ermakov was a member of the REvil ransomware operation and he was not among the many people that Russia detained in early 2022 underneath suspicion of being members of the REvil group.
Although Ermakov might not care in regards to the sanctions or discover methods to evade them, his criminal activity is prone to really feel the impact of those restrictions. The Head of the Australian Cyber Security Center, Abigail Bradshaw, explains that “cyber criminals commerce in anonymity.”
As the sanctions in response to the Medibank Private cyber incident have a monetary part, because of this whoever gives property to Ermakov, together with cryptocurrency or ransomware funds, could be committing an offense.
The Australian authorities believes that that is enough to discourage others from associating with Ermakov for monetary features, be they authorized or not.