Security News > 2021 > February > Egregor ransomware criminals allegedly busted in Ukraine
According to a report from radio station France Inter, numerous cybercriminals connected to the Egregor ransomware gang have recently been arrested.
Since Tuesday [last week], police in the two countries have been working together in an effort to dismantle a cybercrime group suspected of initiating hundreds of ransomware attacks dating back to September 2020.[] Police arrested a number of hackers suspected of working with the Egregor cybercrime gang, providing hacking, logistical, and financial support.
RaaS. Like many ransomware gangs these days, Egregor isn't a small and self-contained hacking crew.
Egregor is an example of what's become known as RaaS, short for ransomware-as-a-service, a name that's ironically derived from industry terminology such as IaaS and SaaS. Ransomware-as-a-service typically means that the core technical operators - the criminals who code the ransomware and collect the money from victims - don't need to deal directly with those victims.
Egregor, along with many other ransomware gangs, even runs its own publicity site on the dark web, where companies that refuse to pay up get named and shamed, and samples of potentially embarrassing files get dumped for all to see.
A report from ZDNet claims that the Egregor infrastructure - the underworld web services that keep gang affiliates in business - has been offline since last Friday, including both the data disclosure "Name-and-shame" pages and the servers that control the operation of the malware itself.