Arrest, Seizures Tied to Netwalker Ransomware

2021-01-27 22:42

U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims.

NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a percentage of any funds extorted from victims.

NetWalker has been among the most rapacious ransomware strains, hitting at least 305 victims from 27 countries - the majority in the United States, according to Chainalysis, a company that tracks the flow virtual currency payments.

In a statement on the seizure, the Justice Department said the NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities.

The NetWalker ransomware affiliate program kicked off in March 2020, when the administrator of the crimeware project began recruiting people on the dark web.

Like many other ransomware programs, NetWalker does not permit affiliates to infect systems physically located in Russia or in any other countries that are part of the Commonwealth of Independent States - which includes most of the nations in the former Soviet Union.

News URL

https://krebsonsecurity.com/2021/01/arrest-seizures-tied-to-netwalker-ransomware/

#arrest #ransomware