“Stern,” Likely Most Prolific Ransomware Operator Ever, Sanctioned by EU as Action Targets Billions in Ransomware Damage
ID: b1a90e98-fb96-56c9-8259-797e84d7ff26
STIX ID: report--b1a90e98-fb96-56c9-8259-797e84d7ff26
Feed Name: Chainalysis Blog
On 13 July 2026 the US, UK, and EU announced one of their largest coordinated cyber enforcement actions to date, sanctioning a broad ecosystem of ransomware operators and enablers. Key designations include Vitaly "Stern" Kovalev (Trickbot/Conti administrator) — whose wallets received over $300M in ransom payments — VPN and cryptor providers implicated in facilitating extortion, LummaC2 infostealer developers, bullet‑proof hosting Media Land LLC, and Russian GRU Unit 29155 affiliates; the report highlights operational scale, cross‑jurisdictional coordination, and impacts to cryptocurrency compliance.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
