The threat cluster dubbed UNC2165, which shares numerous overlaps with a Russia-based cybercrime group known as Evil Corp, has been linked to multiple LockBit ransomware intrusions in an attempt to get aroundsanctionsimposed by the U.S. Treasury in December 2019. “These actors have shifted away from using exclusive ransomware variants to LockBit a well-known ransomware as a service (RaaS)