Security News > 2021 > October > Europol announces “targeting” of 12 suspects in ransomware attacks
A total of 12 individuals wreaking havoc across the world with ransomware attacks against critical infrastructure have been targeted as the result of a law enforcement and judicial operation involving eight countries.
As you probably know, a lot of ransomware gangs these days consist of what you might call a cybercrime "Ecosystem" or "Subculture", with the core coders surrounded by numerous affiliates or associates who take the malware out into the world and use it actively in attacks.
Work duties: Unleash a final ransomware payload, scrambling as many files as possible on the network, using malware including LockerGoga, MegaCortex and Dharma.
The dispassionate list given above by Europol, breaking down the modern-day "Commercialised" ransomware process into well-defined tasks, is scary enough.
We've personally sat wide-eyed at work while Peter showed us a video recording of an IT manager, in the thick of a ransomware crisis, receiving a personal call from the criminals in which they calmly but chillingly read back to him his social security number and other personal data that they'd extracted from the company network.
In a recent Conti ransomware attack on a transport logistics provider that Sophos Rapid Response investigated, the attackers had exfiltrated details of active accident investigations, featuring the names of the drivers involved, fatalities and other related information.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)