BrianKrebs

New, from me:

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia's most destructive ransomware groups, but little more is shared about the accused. Here's a closer look at the activities of Mr. Ermakov's alleged hacker handles.

https://krebsonsecurity.com/2024/01/who-is-alleged-medibank-hacker-aleksandr-ermakov/

tl;dr: Ermakov appears to have been a top member of the rapacious REvil ransomware group. He also runs an IT consulting business w/ a guy I identified in Dec. 2023 as Rescator, the hacker handle that sold tens of millions of payment cards stolen from Target and Home Depot in 2013 and 2014.

Who is Alleged Medibank Hacker Aleksandr Ermakov? – Krebs on Security

Jan 26, 2024 at 6:15pmWeb
Show threadBrianKrebsJan 26, 2024
BTW if you look closely at the ransomware affiliate program ad shown here you will see Gustav Dore (allegedly Ermakov) warns people against sharing information with law enforcement, researchers, or Krebs.
Show threadChristian AnderssonJan 26, 2024
@briankrebs they can share with bad friends of Krebs though.
Show threadMark LevisonJan 26, 2024
@briankrebs congrats
Show threadJared RimerJan 26, 2024
@briankrebs Why not Krebs? Krebs is a good guy, reporting on things that are valuable so we can stay safe out there.
Show threadklausfiendJan 27, 2024
@briankrebs When they name you by name, it means you've arrived.
Show threadMaybeMyMonkeysJan 26, 2024
@briankrebs he is quaking in his expensive boots