|
(1)
|
under the heading ‘A. Natural Persons’, entries 1, 2, 13 and 14 are replaced by the following corresponding entries:
|
|
Name
|
Identifying information
|
Reasons
|
Date of listing
|
|
‘1.
|
GAO Qiang
|
Date of birth: 4 October 1983
Place of birth: Shandong Province, China
Address: Room 1102, Guanfu Mansion, 46 Xinkai Road, Hedong District, Tianjin, China
Nationality: Chinese
Gender: male
|
Gao Qiang is linked to the “APT10” (“Advanced Persistent Threat 10”) umbrella (a.k.a. “Red Apollo”, “CVNX”, “Stone Panda”, “MenuPass” and “Potassium”), and has been involved in “Operation Cloud Hopper”, a series of cyber-attacks with a significant effect originating from outside the Union and constituting an external threat to the Union or its Member States and of cyber-attacks with a significant effect against third States.
“Operation Cloud Hopper” has targeted information systems of multinational companies in six continents, including companies located in the Union, and gained unauthorised access to commercially sensitive data, resulting in significant economic loss.
Gao Qiang is associated with APT10 command and control infrastructure. Moreover, Huaying Haitai, a company used by APT10, and designated for providing support to and facilitating “Operation Cloud Hopper”, employed Gao Qiang. He is also associated with Zhang Shilong, who is linked to APT10 and who has also been employed by Huaying Haitai.
|
30.7.2020
|
|
2.
|
ZHANG Shilong
|
Date of birth: 10 September 1981
Place of birth: China
Address: Hedong, Yuyang Road No 121, Tianjin, China
Nationality: Chinese
Gender: male
|
Zhang Shilong is linked to the “APT10” (“Advanced Persistent Threat 10”) umbrella (a.k.a. “Red Apollo”, “CVNX”, “Stone Panda”, “MenuPass” and “Potassium”), and has been involved in “Operation Cloud Hopper”, a series of cyber-attacks with a significant effect originating from outside the Union and constituting an external threat to the Union or its Member States and of cyber-attacks with a significant effect against third States.
“Operation Cloud Hopper” has targeted information systems of multinational companies in six continents, including companies located in the Union, and gained unauthorised access to commercially sensitive data, resulting in significant economic loss.
Zhang Shilong is associated with APT10, including through the malware he developed and tested in connection with the cyber-attacks carried out by APT10.
Moreover, Huaying Haitai, a company used by APT10, and designated for providing support to and facilitating “Operation Cloud Hopper”, employed Zhang Shilong.
He is associated with Gao Qiang, who is linked to APT10 and who has also been employed by Huaying Haitai.
|
30.7.2020
|
|
13.
|
Mikhail Mikhailovich TSAREV
|
Михаил Михайлович ЦАРЕВ
Date of birth: 20.4.1989
Place of birth: Serpukhov, Russian Federation
Nationality: Russian
Address: Serpukhov
Gender: male
|
Mikhail Mikhailovich Tsarev took part in cyberattacks with a significant effect, which constitute an external threat to EU Member States.
Mikhail Mikhailovich Tsarev, also known by the online monikers “Mango”, “Alexander Grachev”, “Super Misha”, “Ivanov Mixail”, “Misha Krutysha”, and “Nikita Andreevich Tsarev” is a key-player in the deployment of the “Conti” and “Trickbot” malware programs and is involved in the Russia-based threat group “Wizard Spider”. Wizard Spider continues to evolve and intensify its operations.
The Conti and Trickbot malware programs were created and developed by Wizard Spider. Wizard Spider has conducted ransomware campaigns in a variety of sectors, including essential services such as health and banking.
The group has infected computers worldwide and their malware has been developed into a highly modular malware suite. Campaigns by Wizard Spider, using malware such as Conti, “Ryuk” TrickBot or Black Basta, are responsible for substantial economic damage in the European Union.
Mikhail Mikhailovich Tsarev is therefore involved in cyberattacks with a significant effect, which constitute an external threat to the Union or its Member States.
|
24.6.2024
|
|
14.
|
Maksim Sergeevich GALOCHKIN
|
Максим Сергеевич ГАЛОЧКИН
Date of birth: 19.5.1982
Place of birth: Abakan, Russian Federation
Nationality: Russian
Gender: male
|
Maksim Galochkin took part in cyberattacks with a significant effect, which constitute an external threat to EU Member States.
Maksim Galochkin is also known by the online monikers “Benalen”, “Bentley”, “Volhvb”, “volhvb”, “manuel”, “Max17” and “Crypt”. Galochkin is a key player in the deployment of the “Conti” and “Trickbot” malware programs and is involved in the Russia-based threat group “Wizard Spider”. He has led a group of testers, with responsibilities for the development, supervision, and implementation of tests for the TrickBot malware program, created and deployed by Wizard Spider. Wizard Spider continues to evolve and intensify its operations.
Wizard Spider has conducted ransomware campaigns in a variety of sectors, including essential services such as health and banking. The group has infected computers worldwide and their malware has been developed into a highly modular malware suite. Campaigns by Wizard Spider, using malware such as Conti, “Ryuk” TrickBot or Black Basta, are responsible for substantial economic damage in the European Union.
Maksim Galochkin is therefore involved in cyberattacks with a significant effect, which constitute an external threat to the Union or its Member States.
|
24.6.2024’;
|
|
