
Russian hacker-linked REvil behind 2022 Australian cyberattack also targeted Hong Kong’s Dairy Farm

  • REvil allegedly demanded a US$30 million ransom from Hong Kong-based retailer Dairy Farm during its 2021 cyberattack
  • The Australian government says exposing the identity of Russian hacker Aleksandr Ermakov would stop him and his cyberbusiness

An illustration of a hacker using the internet to hack computer servers. Photo: Shutterstock
Su-Lin Tan in Singapore

The notorious ransomware group REvil, linked to Russian hacker Aleksandr Ermakov, who has been named as the perpetrator of a prominent Australian cyberattack in 2022, was also responsible for an earlier attack on Hong Kong-based retailer Dairy Farm.

The Australian government on Tuesday named and sanctioned Ermakov for the 2022 ransomware attack on Medibank, which led to the theft of 9.7 million personal records after the Australian insurer did not pay the ransom. Some of Medibank’s records were published on the dark web.

Canberra confirmed Ermakov was linked to REvil, which executed attacks globally between 2020 and 2021, including one on Dairy Farm group in 2021 in which it allegedly demanded a ransom of US$30 million.

Dairy Farm, known for Hong Kong’s Wellcome, Mannings and Ikea, told various cybersecurity groups at the time that less than 2 per cent of its servers were affected by the cyberattack.

It is not clear whether Dairy Farm paid the ransom. Dairy Farm did not respond to a request for comment.

The Russian-based ransomware-as-a-service (RaaS) operation REvil, short for “Ransomware Evil”, was dismantled by Russian authorities in early 2022, following pressure from other governments, including the US, to force the group offline.
