U.S. seizes $2.8 million in crypto from Zeppelin ransomware operator
What’s new
The U.S. Department of Justice has seized over $2.8 million in cryptocurrency from Ianis Aleksandrovich Antropenko, a suspected operator of the now-defunct Zeppelin ransomware. Antropenko was indicted for computer fraud and money laundering. The ransomware operation targeted various individuals and organizations globally from 2019 to 2022. The seizure also included $70,000 in cash and a luxury vehicle. Antropenko attempted to launder ransom payments using services like ChipMixer, which was seized by authorities in March 2023.
Who’s affected
Organizations and individuals targeted by the Zeppelin ransomware, particularly in the healthcare and IT sectors, are affected. The ransomware operation exploited vulnerabilities in managed service provider (MSP) software to encrypt and exfiltrate data, demanding ransom payments for decryption.
What to do
- Review and strengthen security measures against ransomware, particularly in MSP software.
- Educate staff on recognizing phishing attempts and other tactics used by ransomware operators.
- Implement robust data backup solutions to mitigate the impact of potential ransomware attacks.