Large Ransomware Ring Taken Down By Police

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Police took down a ransomware ring associated with attacks in 71 different countries.

The gang was responsible for targeting large corporations amidst the open war between Russia and Ukraine, forcing multiple businesses’ entire operations to a standstill. This inflicts damage on an entire market due to the stress it can put on supply chains and hinders their ability to effectively fight against Russia.

They’ve taken advantage of multiple tools, deploying LockerGoga, MegaCortex, HIVE, Dharma ransomware, and more to target businesses. The threat actors divvied up the jobs, with groups focusing on infiltrating IT networks, extorting victims, and laundering money.

“Those responsible for breaking into networks did so through techniques including brute force attacks, SQL injections and sending phishing emails with malicious attachments in order to steal usernames and passwords,” explains Europol in a recent release.

“The investigation determined that the perpetrators encrypted over 250 servers belonging to large corporations, resulting in losses exceeding several hundreds of millions of euros,” says Europol.

More than 20 investigators from the US, Norway, France, Switzerland, Europol, Eurojust, and Germany were deployed to Ukraine to aid in the investigation. The international attention was required thanks to how intense the gang’s attacks were.

There were 30+ properties raided by police in the Ukrainian regions of Kyiv, Cherkasy, Rivne, and Vinnytsia. The searches led to the arrest of the gang’s 34-year-old ringleader and 4 accomplices.

The arrests were the continuation of another investigation that took place in 2021. Multiple threat actors were detained after launching aggressive cyber attacks, but the leader hadn’t been caught.

The group is just one of many using the war to perpetuate aggressive cyber attacks on businesses and government agencies. These groups seek to profit off of global instability and can only be beaten by international cooperation.

“This international cooperation has remained steadfast and uninterrupted, persisting even amid the challenges posed by the ongoing war in Ukraine.”

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."