Security News > 2021 > June > Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks
Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019.
The ransomware attacks amount to $500 million in monetary damages, the National Police said, noting that "Law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalizing criminally acquired cryptocurrencies."
Law enforcement officers are said to have conducted 21 searches in the Ukrainian capital and Kyiv region, including the homes of the defendants and their cars, resulting in the seizure of computer equipment, cars, and 5 million hryvnias.
It's not clear if the arrested individuals are affiliates or core developers of the ransomware operation.
Since emerging on the scene in 2019, the Clop threat actor has been linked to a number of high-profile attacks as that of Accellion, Qualys, Software AG IT, ExecuPharm, Indiabulls, as well as a number of universities like Maastricht University, Stanford University Medical School, University of Maryland, and University of California.
The development comes as another ransomware group by the name of Avaddon shuttered operations and handed over the decryption keys associated with 2,934 victims to Bleeping Computer last week, likely in response to heightened scrutiny by law enforcement and governments worldwide after a spate of attacks against critical infrastructure.
News URL
Related news
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries (source)
- Duvel says it has "more than enough" beer after ransomware attack (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- JetBrains TeamCity under attack by ransomware thugs after disclosure mess (source)
- Possible China link to Change Healthcare ransomware attack (source)
- Change Healthcare registers pulse after crippling ransomware attack (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)