Risky Bulletin Srsly Risky Biz: Russia's cybercriminals and spies are officially in cahoots
May 29, 2025
Delve into the dark intersection of cybercrime and espionage as Russian hackers design malware for government use. Discover the evolving partnership between cybercriminals and state actors, raising eyebrows about strategic motivations pre-dating major conflicts. Learn about a new initiative aimed at centralizing intelligence data acquisition, along with the privacy concerns it entails. Plus, hear insights on delayed indictments and the intricate methods agencies use to monitor cyber activities. It's a thrilling ride through the shadowy world of cybersecurity!
AI Snips
Chapters
Transcript
Episode notes
Russian State-Criminal Cyber Link
- Russian DanaBot malware has two variants: one for criminal theft and one tailored for espionage by the state.
- This shows a formal, direct link between Russian cyber criminals and intelligence services rather than ad hoc arrangements.
Early Start to Espionage Variant
- The espionage variant of DanaBot malware was created before the Ukraine war, around 2021.
- This pushes back the timeline on how early and formal the Russian state-criminal cyber relationship began.
Self-Incriminating Malware Infection
- The indictment on DanaBot took years to unseal, possibly due to investigative strategy.
- The criminals infected their own computers with DanaBot, which helped law enforcement unmask them.