Leader of pro-Russia DDoS crew Killnet unmasked by Russian state media

November 27, 2023 at 06:11AM

A man believed to be the leader of the cybercrime gang Killnet, known as “Killmilk,” has allegedly been exposed by Russian state media. Killmilk is known for launching major attacks on targets like US government agencies and hospitals. The FBI’s takedown of the Qakbot botnet has significantly reduced attempted exploits using the malware. The Australian government has backtracked on its proposal to ban ransomware payments and instead plans to implement a no-fault, no-liability reporting service. Justin Sun, founder of Poloniex exchange, has suffered losses of around $250 million in crypto assets due to multiple attacks.

1. Russian Cybercriminal: Moscow-based Gazeta.ru has allegedly outed the leader of the cybercrime group Killnet, known as “Killmilk.” Killmilk has targeted various organizations, including US government agencies and the European Parliament. He has faced criticism within the cybercrime underworld but is feared due to his tendency to retaliate and reveal the identities of competitors.

2. Qakbot Takedown: The FBI’s takedown of the Qakbot botnet in August has resulted in a significant decrease in exploit attempts. Some attempts remain, but Qakbot is expected to be completely eradicated by the end of the next quarter.

3. Living-off-the-Land Attacks: Most attacks (56 percent) do not use malware but instead employ living-off-the-land methods, using legitimate tools like remote monitoring applications to blend in with normal network traffic. This stealthy persistence can lead to follow-on attacks such as data theft or ransomware.

4. Ransomware Payments in Australia: The Australian government has decided not to ban ransomware payments at this time. It plans to implement a no-fault, no-liability reporting service to mandate ransomware incident reporting across the country. Additionally, the government will create a ransomware playbook to guide businesses and individuals on dealing with and recovering from ransom demands.

5. Crypto Losses: Justin Sun, the investor behind the Poloniex exchange, has suffered significant losses after two additional crypto projects, HTX exchange and Heco Chain, were attacked. The losses amount to approximately $130 million. Another crypto investment house, Kronos Research, also experienced an attack resulting in a loss of $26 million in crypto assets. The company gave assurances that the losses would not have a major impact and that it would resume servicing exchanges and token projects.

