US authorities have called on operators of extortion viruses not to pay under threat of sanctions.

The US Treasury Department’s Office of Foreign Assets Control (OFAC) has published a manual for victims of extortion programmes. The OFAC has stated that paying a ransom to extortion software operators who are subject to US sanctions will also be considered a violation of the sanctions.

Ofac Ransomware Advisory by ForkLog on Scribd

According to the document, companies or firms that „facilitate payments to cybercriminals on behalf of victims“ not only encourage cybercrime, but also risk violating regulatory rules.

OFAC called on companies attacked by extortionist viruses to immediately report the hacker attack to the regulator.

In the event that extortionists are sanctioned by the United States, contacting the Crypto Engine affected company with law enforcement will be a „significant mitigating factor“ for the company, the statement said.

Among the groups on the OFAC sanctions list are Cryptolocker developer Evgeny Bogachev, the creators of SamSam extortion software, the hacker group Lazarus and its subgroups connected with the extortionist WannaCry 2.0, as well as Evil Corp and its head Maxim Yakubets.

At the same time, the OFAC statement states that the management is „only explanatory and has no legal force“.

According to Group-IB research, encryption viruses disappeared from the top threats in the first half of 2020 – they accounted for only 1% of all hacker attacks.

Subscribe to ForkLog news at Telegram: ForkLog Feed is the whole news feed, ForkLog is the most important news and surveys.