This was read this morning; I thought I had scheduled or even posted this but didn’t.
This may be a first, or second, or maybe even a third. But this does not happen very often.
According to Russian law, as long as you don’t target their own, you’re safe from the law. I personally think that needs to change, but that’s me dreaming and that’ll probably never happen.
With that said, several members of the Meduza gang have been picked up recently, and the spokesperson who posted a message to Telegram went into complete detail on what is going on.
Meduza went after one of their own, which caused a criminal investigation under the law.
Let me tell you something, spokesperson, whether you are dealing within the country or outside of the country, it is still a crime. The fact that Meduza was built to steal shit and you know it should be proof enough that these guys, whoever they are, should all be picked up.
There should be no preferential treatment just because they are within your borders or not.
The Russian authorities have arrested three individuals in Moscow who are believed to be the creators and operators of the Meduza Stealer information-stealing malware.
The action was announced on Telegram by Irina Volk, a police general and official from the Russian Ministry of Internal Affairs.
“A group of hackers who created the infamous ‘Meduza’ virus have been detained by my colleagues from the Department for Combating Cybercrime (UBK) of the Russian Ministry of Internal Affairs, together with police officers from the Astrakhan region,” stated Volk.
Here is some information about what Meduza was, in case people are new to the blog.
Meduza is an infostealer that steals account credentials, cryptocurrency wallet data, and other information stored in users’ web browsers.
It was distributed to cybercriminals under a malware-as-a-service model, in which access was provided in exchange for a subscription fee.
Meduza was among the more technically advanced information stealers on the dark web market, capable of “reviving” expired Chrome authentication cookies since December 2023 to facilitate account takeovers.
Here is info from the spokesperson which finishes the article.
Researcher ‘g0njxa’, who monitors the info-stealer space closely, says the same group of cybercriminals was also behind Aurora Stealer, a malware-as-a-service that gained traction in 2022.
While Russia has a history of overlooking cybercriminal activity within its borders as long as the actors do not target Russian people or organizations, Volk said that some Meduza operators targeted an institution in Astrakhan, southern Russia, in May and stole confidential data from its servers.
This led the authorities to open a criminal case against the perpetrators under Part 2, Article 273 of the Russian Criminal Code for the “creation, use, and distribution of malicious computer programs.”
The acquired information helped the investigators determine that the three detainees had developed and were distributing a botnet malware too, capable of disabling security protections on the target systems.
Volk concluded the public statement by saying that the authorities are now working to identify all accomplices, so follow-up operations are likely.
Go figure.
Alleged Meduza Stealer malware admins arrested after hacking Russian org is the full article if you wish to go and read it.