Putinkrab

Threat Actor updated a month ago (2024-10-17T13:01:54.827Z)

Download STIX

Preview STIX

Putinkrab, a threat actor, is known for its involvement in the development and use of highly successful ransomware strains. Emerging onto the scene in 2019, Putinkrab first appeared on Russian cybercrime forums such as XSS, Exploit, and UFOLabs, where they sold ransomware source code written in C. Throughout the summer of that year, Putinkrab continually updated the community about new features being added to their ransomware strain and shared novel evasion techniques to avoid detection by security tools. The actor expressed confidence in their ransomware code, describing it as a game-changer and lucrative money machine. In May 2024, a collaborative effort between the FBI, UK National Crime Agency, and Europol led to the unmasking of Putinkrab's identity. The individual behind the alias was revealed to be Dimitry Yuryevich Khoroshev, also known as LockBitSupp or LockBit, a 31-year-old from Voronezh, Russia. Khoroshev was identified as the admin of the LockBit ransomware operation, a sophisticated campaign that had caused significant disruption and financial losses. Following his identification, sanctions were imposed against him. The case of Putinkrab underscores the importance of international cooperation in combating cyber threats. His activity highlights the potential for individuals or groups to leverage ransomware as a tool for generating substantial profits, while also demonstrating the evolving tactics used by such actors to evade detection. It further emphasizes the need for ongoing vigilance and innovation within the cybersecurity industry to counter such threats effectively.

Description last updated: 2024-10-17T12:50:38.540Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Lockbit is a possible alias for Putinkrab. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit	2
LockBitSupp is a possible alias for Putinkrab. LockBitSupp, a prominent threat actor, has been identified as Russian national Dmitry Yuryevich Khoroshev. The group's activities have been under scrutiny due to its involvement in ransomware attacks and other cybercrimes. Khoroshev, who was operating under the aliases "LockBit" and "LockBitSupp," i	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Putinkrab Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	4 months ago	Russian nationals plead guilty to participating in the LockBit ransomware group
Securityaffairs	4 months ago	Russian nationals plead guilty to participating in the LockBit ransomware group
Securityaffairs	5 months ago	FBI obtained 7,000 LockBit decryption keys, victims should contact feds to get support
Krebs on Security	6 months ago	How Did Authorities Identify the Alleged Lockbit Boss?
Flashpoint	6 months ago	COURT DOC: U.S. Charges Russian National with Developing and Operating LockBit Ransomware