  • Ransomware operators behind hundreds of attacks arrested in Ukraine


    Karlston

    • 775 views
    • 3 minutes

    Europol has announced the arrest of two men in Ukraine, said to be members of a prolific ransomware operation that extorted victims with ransom demands ranging from €5 to €70 million.

    Two arrests in Ukraine

    The international law enforcement operation was conducted in coordination with the FBI, the French police (Gendarmerie Nationale), and the Ukrainian National Police (Національна поліція України). In total, the police officers performed seven property searches and seized $375,000 in cash and two luxury vehicles that cost about $250,000. Furthermore, the investigators froze $1.3 million worth of crypto that is believed to be linked to ransom payments.

     

    Coordinated announcements from Europol and the Ukrainian police describe the suspects as members of a top-tier group, but Europol told BleepingComputer that they could not name the group for operational reasons.

     

    "Both these individuals were part of the same group which focused not only on ransom attacks, but also laundered criminal funds," Europol told BleepingComputer.

     

    Both suspects were arrested in Kyiv City, with one of the individuals described as a 25-year-old male "hacker."

     

    The law enforcement agencies attribute approximately a hundred cyberattacks to the gang, starting in April 2020, that targeted North American and European entities. As for the modus operandi, it follows the typical network compromise, malware deployment, data exfiltration, and eventually the encryption of all local files.

     

    The initial point of compromise is either the victim's VPN tool or emails sent to employees that drop payloads on their computers.

     

    It is estimated that the total damages caused to the victimized organizations are $150 million.

     

    The law enforcement operation took the combined efforts of six French investigators, four from the FBI, one Interpol officer, and two of Europol’s cybercrime specialists.

     

    Disrupting ransomware operations

    These arrests will likely not bring down an entire Ransomware-as-a-Service (RaaS) operation. However, law enforcement has been increasingly targeting individual members as a way to disrupt gangs' activities.

    Furthermore, successful law enforcement operations tend to have chilling effects on the operation of illegal hacking groups as they spread fear and uncertainty among the other members, commonly leading to the group's shutdown or rebranding.

     

    The announcement from Ukraine's cyber-police says the arrested individuals face up to twelve years in prison for violations of two articles of the criminal code in the country, one for unauthorized interference in computer networks and systems, and one for money laundering.

     

    The Ukrainian police also arrested other individuals this year believed to be members of the Clop and Egregor ransomware operations.

     

     
