Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine

Cyber Security Threat Summary:
A joint operation carried out by Europol and law enforcement agencies has led to the arrest of 5 key suspects in Ukraine believed to be core members of various ransomware operations, including LockerGoga, MegaCortex, Dharma, and the now-defunct Hive ransomware. Since 2019, these individuals have targeted over 1,800 victims across 71 countries, compromising large corporations. The perpetrators' roles varied: some were involved in penetrating IT networks via phishing and brute force before deploying the encryptor, while others were in charge of laundering cryptocurrency funds from victims. Overall, law enforcement concluded that this group of individuals was responsible for encrypting over 250 servers belonging to large corporations, resulting in losses exceeding several hundred million euros.

Security Officer Comments:
The recent takedown showcases law enforcement’s continued efforts to tackle cybercrime. Recently, Europol announced the takedown of a prolific voice phishing gang that's believed to have netted millions in illegal profits. Months prior, law enforcement authorities also dismantled the infrastructure associated with Ragnar Locker ransomware.