Summary: Authorities in Australia, the United Kingdom, and the United States have imposed financial sanctions on Aleksandr Ermakov, a Russian man accused of stealing data on nearly 10 million customers of Medibank, an Australian health insurance company. Ermakov is alleged to have worked with the ransomware group REvil. The allegations against Ermakov mark the first time Australia has sanctioned a cybercriminal. The sanctions suggest that Ermakov operated under multiple aliases on Russian cybercrime forums, including GustaveDore, JimJones, and Blade Runner. The connection between Ermakov and Mr. Shefel, also known as Rescator, was revealed through email and domain name registrations. The REvil group was disrupted by law enforcement in 2021, but there is evidence that Ermakov's group was connected to REvil. Ermakov's alleged association with REvil makes him a target as a person likely to possess significant amounts of cryptocurrency.

Hashtags: #Cybercriminal #MedibankHacker #AleksandrErmakov #REvil #Sanctions #RussianCybercrime #Ransomware #Cybersecurity

https://krebsonsecurity.com/2024/01/who-is-alleged-medibank-hacker-aleksandr-ermakov/