In a significant breakthrough against cybercrime, a coordinated law enforcement effort spanning multiple countries has led to the arrest of key individuals allegedly involved in various ransomware schemes. The operation, conducted in Ukraine, resulted in the apprehension of a 32-year-old ringleader and four of his primary accomplices. Europol confirmed the successful raid, which involved searches across 30 properties in Kyiv, Cherkasy, Rivne, and Vinnytsia.
These arrests come in the wake of an ongoing pursuit that began over two years ago when a dozen individuals were captured in connection to the same criminal operation. The arrested individuals are suspected of playing pivotal roles in ransomware families such as LockerGoga, MegaCortex, and Dharma, allegedly targeting more than 1,800 victims across 71 countries since 2019. Their modus operandi involved employing tactics like brute-force attacks, SQL injections, and phishing emails loaded with malicious attachments to breach IT networks and steal crucial credentials. Once inside the compromised networks, the group deployed a suite of malware, including TrickBot, Cobalt Strike, and PowerShell Empire, to execute their file-encrypting malware and wreak havoc on the systems.
Europol highlighted the magnitude of the cybercrime, stating that the perpetrators encrypted over 250 servers belonging to major corporations, resulting in substantial losses totaling hundreds of millions of euros. The collaborative effort in this crackdown involved authorities from several European countries, Ukraine, and the United States. This successful operation adds to recent strides in dismantling cybercrime networks, underscoring the international commitment to combating ransomware and other cyber threats.
