Security News > 2021 > October > Police Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide
12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups.
The suspects have been primarily linked to LockerGoga, MegaCortex, and Dharma ransomware, in addition to being in charge of laundering the ransom payments by funneling the ill-gotten Bitcoin proceeds through mixing services and cashing them out.
"Some of these criminals were dealing with the penetration effort, using multiple mechanisms to compromise IT networks, including brute force attacks, SQL injections, stolen credentials and phishing emails with malicious attachments."
The arrested individuals are also believed to have carried out the ransomware attack on Norwegian aluminum processor Norsk Hydro in March 2019, the country's National Criminal Investigation Service said in a separate statement.
The joint task force involved authorities from France, Germany, the Netherlands, Norway, Switzerland, Ukraine, the U.K., and the U.S., along with Europol and Eurojust, under the European Multidisciplinary Platform Against Criminal Threats.
The development also arrives weeks after representatives from the U.S., the European Union, and 30 other countries pledged to mitigate the risk of ransomware and harden the financial system from exploitation with the goal of disrupting the ecosystem, calling it an "Escalating global security threat with serious economic and security consequences."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/RhiyfN1lX6w/police-arrest-suspected-ransomware.html
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)