Security News > 2023 > November > Ukrainian ransomware gang behind high-profile attacks dismantled
Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations.
More than 20 investigators from Norway, France, Germany and the United States were deployed to Kyiv to assist the Ukrainian National Police with their investigative measures.
The individuals under investigation are believed to be part of a network responsible for high-profile ransomware attacks against organizations in 71 countries.
They deployed LockerGoga, MegaCortex, HIVE, and Dharma ransomware, among others, to carry out their attacks.
Those responsible for breaking into networks did so through techniques including brute force attacks, SQL injections, and sending phishing emails with malicious attachments to steal usernames and passwords.
Once inside the networks, the attackers remained undetected and gained additional access using tools, including TrickBot malware, Cobalt Strike, and PowerShell Empire, to compromise as many systems as possible before triggering ransomware attacks.
News URL
Related news
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- Romanian energy supplier Electrica hit by ransomware attack (source)
- Ransomware attack hits leading heart surgery device maker (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- Starbucks, Supermarkets Targeted in Ransomware Attack (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)