U.S. seizes $2.8 million in crypto from Zeppelin ransomware operator

What’s new

The U.S. Department of Justice has seized over $2.8 million in cryptocurrency from Ianis Aleksandrovich Antropenko, a suspected operator of the now-defunct Zeppelin ransomware. Antropenko was indicted for computer fraud and money laundering in connection with ransomware attacks that targeted various organizations worldwide from 2019 to 2022. In addition to the cryptocurrency, authorities confiscated $70,000 in cash and a luxury vehicle. Antropenko attempted to launder ransom payments through services like ChipMixer and by other methods to evade detection.

Who’s affected

Those affected are the organizations and individuals targeted by the Zeppelin ransomware, particularly in the healthcare and IT sectors; the ransomware exploited vulnerabilities in MSP software. The operation was active until late 2022 and impacted a wide range of victims globally.

What to do

  • Review security measures and patch vulnerabilities in MSP software to prevent ransomware attacks.
  • Educate staff on recognizing phishing attempts and other tactics used by ransomware operators.
  • Implement robust backup solutions to ensure data recovery in case of an attack.
