The Ministry of Internal Affairs detained three members of the SugarLocker hacker group

The Ministry of Internal Affairs detained three members of the SugarLocker hacker group

Employees of the Ministry of Internal Affairs of Russia with the support of specialists from FAS.S.T. discovered and detained three members of the SugarLocker criminal extortion group. The criminals operated under the cover of an IT firm that offered services for creating landing pages, mobile applications, and online stores.

According to the investigation, the SugarLocker ransomware, also known as Encoded01, appeared as early as 2021. In January 2022, FACCT experts determined that part of SugarLocker’s infrastructure is located on Russian hosting. Later, due to a mistake made by the criminals, SugarPanel — the control panel of the ransomware — was discovered.

The FACCT specifies that the attackers worked under the banner of the legal IT firm Shtazi-IT, which offered services for the development of landing pages, mobile applications, scripts, parsers and online stores. The company openly recruited new developers.

In January 2024, three members of the SugarLocker group were arrested. During the search, laptops, mobile phones, traces of correspondence, and other digital evidence confirming their illegal activities were found in the suspects’ possession. The perpetrators were charged under Article 273 of the Criminal Code of the Russian Federation “Creation, use and distribution of malicious computer programs”.

Related posts