Security News > 2023 > November > Ukrainian ransomware gang behind high-profile attacks dismantled

Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations.
More than 20 investigators from Norway, France, Germany and the United States were deployed to Kyiv to assist the Ukrainian National Police with their investigative measures.
The individuals under investigation are believed to be part of a network responsible for high-profile ransomware attacks against organizations in 71 countries.
They deployed LockerGoga, MegaCortex, HIVE, and Dharma ransomware, among others, to carry out their attacks.
Those responsible for breaking into networks did so through techniques including brute force attacks, SQL injections, and sending phishing emails with malicious attachments to steal usernames and passwords.
Once inside the networks, the attackers remained undetected and gained additional access using tools, including TrickBot malware, Cobalt Strike, and PowerShell Empire, to compromise as many systems as possible before triggering ransomware attacks.
News URL
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)