The US Department of Justice (DOJ) has cracked down on a cybercrime group affiliated with a sophisticated type of malware that helped them rack up more than $16 million in ransom payments.

Earlier this week, the DOJ unsealed criminal charges against Roman Berezhnoy and Egor Nikolaevich Glebov, two Russian nationals accused of operating a cybercrime group that used Phobos ransomware to attack more than 1,000 public and private entities.

The scheme. Between 2019 and 2024, Berezhnoy and Glebov, among others, allegedly obtained unauthorized access to the computers of their victims through credential theft and other mediums in a bid to steal sensitive data. Once they gained access to the computers, the cybercrime group installed and deployed the Phobos ransomware to encrypt data found on the devices, making it inaccessible to the victims it belonged to.

The accused duo would then leave ransom notes requesting Bitcoin payments in order to decrypt the data in the form of files on the compromised computers, according to court documents. Berezhnoy and Glebov would follow up those files with emails or phone calls to victims threatening to sell or expose the stolen data if the payment was not fulfilled. The cyber group was also accused of using an X account, formerly known as Twitter, to intimidate their victims, and a darknet website, where they would publish stolen data.

Read the rest here.—BM

Who says jobs aren’t being created? A new executive position became part of the C-suite in January, which also saw AI shuffling and two high-profile departures.

New role, CDO, created at F5

Cloud security firm F5 has created a new position, chief digital officer, and appointed Alvina Antar to the role. Antar, a nearly three-decade veteran of the tech industry, said on LinkedIn that she was happy to be “leading F5’s transformation from hardware to software and subscription.”

Antar was most recently CIO at identity platform Okta, where she worked for over three and a half years. Prior to Okta, she was CIO at subscription software firm Zuora for six years following a more than 16-year stint at Dell, working her way up to director of mergers and acquisitions from senior programming analyst.

Jonathan Lachman leaves OpenAI for new research project

Jonathan Lachman, OpenAI’s head of special projects, left the company in January to join Mira Murati’s new AI research lab startup. Murati’s mysterious firm doesn’t have a name or a launch date yet, but it’s generating buzz and taking on staff from rivals across the AI sector.

Lachman was only at OpenAI for about 18 months, following five years as head of strategic operations at digital banking firm Blend. He has significant public sector experience, including five years in administration at the Department of Defense and over two years as associate director for national security programs at the Office of Management and Budget.

Read more here.—EH

Federal agencies are having a Rear Window moment, but they don’t know who’s behind the binoculars.

On Jan. 15, Google began rolling out an update to its Workspace utility suite that turned on its AI assistant, Gemini. For some companies—including Morning Brew—this update arrived without warning and required IT staff to disable the feature. That’s because the feature is opt-out, José Castañeda, a Google spokesperson, told IT Brew via email.

For staffers at beleaguered federal agency USAID, the update came as a surprise at a time when they were already under stress due to job cuts and uncertainty about the future. Staffers were told by leadership during a meeting in late January that Gemini was turned on and likely recording any conversations using the company’s Workspace features.

According to two sources at the agency, who spoke to IT Brew anonymously for fear of retaliation, the warning came as agency leadership in the Jan. 31 Google Meet agency meeting seemed to be acting stilted and scripted. Often, one of the sources explained, such meetings are not recorded and thus staff feels comfortable being candid, so the difference was noticeable to them.

The warnings about the AI tool, the sources said, were delivered verbally. Another concern expressed by sources is that private conversations, like HR reports, could conceivably be recorded.

Keep reading here.—EH