12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups.

The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting in the seizure of cash worth $52,000, five luxury vehicles, and a number of electronic devices that the agencies said are being examined to uncover new forensic evidence of their malicious activities and pursue new investigative leads.

The suspects have been primarily linked to LockerGoga, MegaCortex, and Dharma ransomware, in addition to being in charge of laundering the ransom payments by funneling the ill-gotten Bitcoin proceeds through mixing services and cashing them out.

Automatic GitHub Backups

“The targeted suspects all had different roles in these professional, highly organised criminal organisations,” Europol said in a press release. “Some of these criminals were dealing with the penetration effort, using multiple mechanisms to compromise IT networks, including brute force attacks, SQL injections, stolen credentials and phishing emails with malicious attachments.”

Following a successful break-in, the suspects are said to have focused on lateral movement within the compromised networks by deploying malware such as TrickBot or post-exploitation frameworks like Cobalt Strike or PowerShell Empire with the goal of staying undetected for extended periods of time and gaining entrenched access, leveraging the opportunity to probe for more weaknesses in the IT networks before installing ransomware.

The arrested individuals are also believed to have carried out the ransomware attack on Norwegian aluminum processor Norsk Hydro in March 2019, the country’s National Criminal Investigation Service said in a separate statement.

The joint task force involved authorities from France, Germany, the Netherlands, Norway, Switzerland, Ukraine, the U.K., and the U.S., along with Europol and Eurojust, under the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

The development also arrives weeks after representatives from the U.S., the European Union, and 30 other countries pledged to mitigate the risk of ransomware and harden the financial system from exploitation with the goal of disrupting the ecosystem, calling it an “escalating global security threat with serious economic and security consequences.”


Products You May Like

Articles You May Like

‘Guillermo Del Toro’s Pinocchio’ Gets Sendoff At New York’s Museum Of Modern Art Before Netflix Premiere And Exhibition Opening
Fox News Parts Ways With Lara Trump As Her Father-In-Law Starts Presidential Campaign
Rail union urged not to ‘hold country to ransom’ and accept ‘generous’ pay offer
Colbert Dusts Off Herschel Walker Jokes Written a Month Ago
Raphael Warnock Defeats Herschel Walker In Georgia Runoff, Giving Democrats 51-49 Senate Majority

Leave a Reply

Your email address will not be published. Required fields are marked *