Authorities Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide

(The AEGIS Alliance) – 12 individuals were apprehended as a portion of a worldwide operation by authorities for targeting crucial infrastructure with ransomware attacks as well as on big companies that struck more than 1,800 victims throughout 71 countries since 2019, signifying the most recent actions taken against cybercriminals.

The apprehensions were brought about this past week in Ukraine on October 26 and also in Switzerland, leading to the confiscation of money worth $52,000, 5 high-end automobiles, and a variety of digital gadgets that the agencies stated are being analyzed to reveal new forensic evidence of their harmful activities and seek new investigatory leads.

The suspects are predominantly connected to LockerGoga, MegaCortex, and also Dharma ransomware, along with supervising the laundering of ransomware payments by funneling the unlawfully made Bitcoin amounts by means of combining crypto-exchange services, then cashing it out.

“The targeted suspects all had different roles in these professional and highly organized criminal organizations,” Europol pointed out in a news release. “Some of these criminals were dealing with the penetration effort, using multiple mechanisms to compromise IT networks, including brute force attacks, SQL injections, stolen credentials and phishing emails with malicious attachments.”

After an effective break-in, the suspects were stated to have concentrated on lateral activity within the jeopardized systems by releasing malware including TrickBot or post-exploitation structures such as Cobalt Strike or PowerShell Empire along with the objective to remain unnoticed for prolonged time frames and obtain entrenched access, leveraging the chance for probing additional weak points in the IT systems prior to putting in ransomware.

The arrested people are likewise thought to have executed the ransomware strike on Norwegian aluminum processor Norsk Hydro in March of 2019, Norway’s National Criminal Investigation Service wrote in a press release.

The joint task force included authorities coming from France, Germany, the Netherlands, Norway, Switzerland, Ukraine, the U.K., as well as the United States, together with Europol and also Eurojust, under the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

The news additionally showed up weeks following representatives from the United States, the European Union, and 30 various other nations vowing to minimize the threat of ransomware and solidify the economic system from exploitation with the objective of disrupting the ecosystem, calling it an “escalating global security threat with serious economic and security consequences.”

Kyle James Lee – The AEGIS Alliance – This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.