Multiple suspects arrested in thousands of ransomware attacks during an international operation

An international investigation has led to the arrest of several hackers allegedly responsible for thousands of “ransomware” attacks.

A total of 17 countries – including the USA, Great Britain, Germany, France, the Netherlands, Poland, Romania and Canada – as well as Interpol, Europol and Eurojust took part in the so-called GoldDust operation.

As part of this, the US Department of Justice announced on Monday the arrest of a Ukrainian in Poland who is suspected of being behind the cyberattacks, including a major one against the American service provider Kaseya.

Multiple suspects arrested in thousands of ransomware attacks during an international operation
Multiple suspects arrested in thousands of ransomware attacks during an international operation

Hundreds of companies in the US and other countries were blackmailed into a Kaseya vulnerability in early July.

Meanwhile, Europol and Eurojust have reported the arrest of two people in Romania who allegedly used REvil software to carry out attacks.

The suspects are charged with launching around 7,000 attacks against companies and organizations that use the software to lock the contents of their computers until they receive payment. Apparently they made millions of euros.

In addition, the two EU agencies announced another five arrests in other countries in the previous days. In this context, Eurojust said that cyberattacks target a wide range of institutions, such as companies, local governments, hospitals, schools, universities and courts.

According to Eurojust, French, German, Romanian and Swiss teams were at the center of the European operation.

On the other hand, Interpol pointed to further arrests in Kuwait and South Korea in connection with the exchange of information during the operation.

Blackmail software – known as “ransomware” – involves hackers encrypting data and then asking for money to release it.

The REvil group has carried out major attacks in recent months, demanding $ 70 million (more than 60 million euros) for a master key for all computers affected by the attack on Kaseya. With many of Kaseya’s affected customers being IT service providers, the impact of the attack was widespread.

In Sweden, too, the supermarket chain Coop was unable to open hundreds of stores because their till systems were no longer working.

A few weeks earlier, the REvil software had paralyzed several plants of the world’s largest meat company JBS in a global impact attack. The hackers collected a ransom of 11 million US dollars (approx. 9 million euros) in cryptocurrency from the company.

United States Attorney General Merrick Garland has alleged that at least $ 200 million in ransom has been paid in attacks using REvil software.

In this regard, Garland alleged that the United States had applied for the extradition of the 22-year-old Ukrainian who was arrested while entering Poland, and reported that the Justice Department had also paid 6.1 million dollars (about 5.2 million euros). allegedly confiscated, which is allegedly accused by a Russian REvil hacker of having attacked around 3,000 targets with “ransomware”.

On the other hand, the US State Department this Monday offered a $ 1 million reward for clues leading to the identification or arrest of the leaders of the REvil group or those involved in the attacks with the software.

This reward is on top of the reward offered days earlier by the DarkSide hacker group, which the United States believes was behind an attack on the United States’ largest oil pipeline that temporarily disrupted its operations.

Similar Posts