DoJ seizes $2.8M linked to Zeppelin Ransomware


DoJ seized $2.8M in crypto from Ianis Antropenko, indicted in Texas and tied to the defunct Zeppelin ransomware.

The U.S. Department of Justice (DoJ) seized more than $2.8 million in cryptocurrency from Ianis Aleksandrovich Antropenko.

Antropenko was allegedly involved in the now-defunct Zeppelin ransomware operation (2019 – 2022); he also laundered proceeds via ChipMixer and structured cash deposits.

The man faces charges in the Northern District of Texas for computer fraud and abuse, and conspiracy to commit money laundering. Law enforcement also seized $70,000 in cash and a luxury vehicle.

“The Department of Justice unsealed six warrants yesterday in the U.S. District Courts for the Eastern District of Virginia, the Central District of California, and the Northern District of Texas authorizing the seizure of over $2.8 million in cryptocurrency, $70,000 in cash, and a luxury vehicle,” reads the press release published by DoJ. “All of the cryptocurrency was seized from a cryptocurrency wallet controlled by Ianis Aleksandrovich Antropenko, who is charged by indictment in the Northern District of Texas for conspiring to commit computer fraud and abuse, computer fraud and abuse, and conspiracy to commit money laundering.”

According to the indictment, Antropenko and his accomplices used Zeppelin ransomware to attack individuals, businesses, and organizations worldwide, including in the U.S. They encrypted and exfiltrated victims’ data, demanding ransoms to decrypt files, prevent publication, or ensure deletion.

“Computer Crime and Intellectual Property Section (CCIPS) investigates and prosecutes cybercrime in coordination with domestic and international law enforcement agencies, often with assistance from the private sector,” concludes DoJ. “Since 2020, CCIPS has secured the conviction of over 180 cybercriminals and obtained court orders for the return of over $350 million in victim funds. CCIPS and its partners have also disrupted multiple ransomware groups, preventing victims from having to pay over $200 million in ransom payments.”

Zeppelin ransomware had been active since 2019 and targeted healthcare and IT firms via MSP flaws. After dormancy, it resurfaced in 2021 with sloppy encryption updates. By November 2022, the operation was defunct. In January 2024, reports revealed its source code was sold on a hacking forum for just $500, marking the ransomware’s downfall and commoditization.


Pierluigi Paganini

(SecurityAffairs – hacking, Zeppelin ransomware)