Evil Corp is a notorious cybercriminal group that has been active for over a decade. They are responsible for some of the biggest data breaches and cyber attacks in history. But what exactly have they done? Let’s take a closer look at Evil Corp’s major cyber crimes and attacks.
Target data breach
One of Evil Corp’s earliest and most infamous cyber attacks was the massive data breach at Target in 2013. They infiltrated Target’s payment systems and stole the personal and financial information of up to 110 million Target customers. This included names, mailing addresses, phone numbers, email addresses, and payment card data. The scale of the breach made it one of the largest retail data breaches in history at the time.
The fallout from the Target breach was enormous. The company faced heavy fines, lawsuits, and damage to its reputation. Meanwhile, Evil Corp made millions selling the stolen payment card data on the dark web. The Target hack put Evil Corp firmly on the map as a top cybercriminal threat.
JP Morgan Chase data breach
In 2014, Evil Corp set their sights on major financial institutions. They infiltrated the networks of JP Morgan Chase and stole sensitive data on over 83 million customers. This included names, addresses, phone numbers, email addresses, and account information. It remains one of the largest data breaches ever targeting a U.S. financial institution.
The JP Morgan Chase breach compromised highly sensitive financial information and caused major reputational damage. Meanwhile, Evil Corp profited by selling the stolen data online. The sophisticated hack highlighted their technical capabilities to target major corporations.
Equifax data breach
In 2017, Evil Corp organized and carried out the devastating Equifax breach that exposed the personal data of 147 million Americans. They exploited a vulnerability in Equifax’s systems to steal names, Social Security numbers, birth dates, addresses, and driver’s license information. This data could be used for identity theft and financial fraud.
The Equifax breach is considered one of the worst data breaches ever. The scope of sensitive information stolen made it an identity theft goldmine. Evil Corp was once again able to monetize the data by selling it online. Meanwhile, Equifax faced billions in costs related to the breach, including lawsuits, fines, and response efforts.
Deep Panda malware infections
In addition to data breaches, Evil Corp develops and spreads malware to infiltrate corporate networks and government agencies. One of their most successful malware campaigns involved the Deep Panda virus. First appearing in 2014, Deep Panda infected thousands of systems across industries like healthcare, energy, and manufacturing.
Deep Panda gave Evil Corp remote access and control over infected systems. They could steal sensitive files, monitor communications, and more. Even when detected, Deep Panda was difficult to remove due to advanced stealth capabilities baked into the malware.
Deep Panda let Evil Corp spy on major companies and government agencies around the world. They likely used intelligence gained from the malware to enable further targeted attacks.
WannaCry ransomware attacks
In 2017, Evil Corp unleashed the devastating WannaCry ransomware attacks. WannaCry encrypted data on infected computers and demanded ransom payments in Bitcoin to decrypt the files. It spread rapidly across 150 countries, infecting over 200,000 systems.
WannaCry had crippling impacts on businesses, hospitals, government agencies, and other critical infrastructure. With users unable to access essential files and systems, massive disruption and financial damage resulted. Evil Corp cashed in on millions in ransom payments from desperate victims.
|UK National Health Service|
WannaCry demonstrated Evil Corp’s ability to develop ransomware with worm-like capabilities to spread rapidly across networks. It highlighted weaknesses in cyber defenses across both private and public sectors.
Methbot ad fraud operation
Evil Corp diversified into cybercrime beyond data breaches and ransomware. In 2016, they developed and ran Methbot – a sophisticated ad fraud operation that stole over $5 million per day at its peak.
Methbot spoofed real web traffic to fraudulently generate ad revenue from ad networks like Google and Facebook. The bots impersonated human web browsing behavior to create fake ad impressions. This let Evil Corp earn lucrative payouts from ad networks with little risk of detection.
|Revenue per day|Fake video ad impressions|
|---|---|
|$5 million+|Over 300 million per day|
Methbot highlighted Evil Corp’s ability to innovate new types of cybercrime beyond conventional hacking and malware. Combining technical expertise with business savvy, they produced extremely profitable results from an audacious ad fraud scheme.
Dridex banking trojan
Evil Corp also develops and operates the Dridex banking trojan, one of the most dangerous pieces of financial malware. Active since 2014, Dridex mainly targets online banking credentials through phishing emails containing malicious attachments.
Once activated, Dridex initiates man-in-the-middle attacks to intercept banking credentials and perform unauthorized bank transfers. Dridex also contains keylogging and screenshot capture capabilities to steal additional financial data.
Dridex lets Evil Corp infiltrate bank accounts to steal large sums from companies, organizations, and individuals worldwide. The advanced trojan continues to evolve with new variants identified regularly.
GameOver Zeus botnet
Evil Corp has also run some of the most formidable botnets in the cybercrime world. The GameOver Zeus botnet infected over 1 million computers at its peak in 2012-2014. The sophisticated botnet stole banking credentials, financial data, and other sensitive information.
|2012-2014||Over 1 million|
The GameOver Zeus botnet demonstrated Evil Corp’s technical expertise in building and managing large-scale botnets for data theft and fraud.
Encryption services for cybercriminals
Evil Corp provides services and tools to other cybercriminals, including sophisticated encryption through its CryptoLocker ransomware-as-a-service.
This allowed other criminals to deploy ransomware with advanced encryption provided by Evil Corp. They could launch attacks while Evil Corp handled the complex back-end encryption and payment systems.
|Ransomware creation kit|
|Payment site hosting|
By offering services to other cybercriminals, Evil Corp made money while building relationships with the broader cybercrime world.
Sony Pictures hack
In 2014, Evil Corp allegedly orchestrated the destructive hack against Sony Pictures in retaliation over the film “The Interview.” They wiped data from thousands of computers and stole over 100 terabytes of files including upcoming movie scripts, sensitive emails, and employee data.
|Over 100 terabytes|
The Sony Pictures hack was a brazen cyber attack with a political motive. It demonstrated Evil Corp’s capabilities and willingness to attack major corporations in disruptive data breaches.
Evil Corp has proven to be one of the most formidable cybercrime groups active today. For over a decade, they have infiltrated some of the world’s largest companies and government agencies, stealing sensitive data and impacting billions of people. Driven by profit and unrestrained by ethics, they have pioneered innovative forms of cybercrime while causing massive financial and reputational damage to victims.
From data breaches to ransomware to ad fraud, Evil Corp’s scope of cyber attacks demonstrates their technical sophistication and criminal ambition. They take advantage of vulnerabilities across industries and borders, monetizing stolen data and paying little regard to the disruption caused. With their capabilities and global reach, Evil Corp remains a top cybercrime threat as long as profit motivates their constant innovation of new modes of attack.