International investigation shuts down Radar/Dispossessor ransomware group
2024-08-13 08:48

FBI Cleveland announced the disruption of "Radar/Dispossessor" (the criminal ransomware group led by the online moniker "Brain") and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain.

Originally focused on entities in the United States, the investigation discovered 43 companies as victims of the attacks, from countries including Argentina, Australia, Belgium, Brazil, Honduras, India, Canada, Croatia, Peru, Poland, the United Kingdom, the United Arab Emirates, and Germany.

Radar Ransomware follows the same dual-extortion model as other ransomware variants by exfiltrating victim data to hold for ransom in addition to encrypting the victim's systems.

Simply put, ransomware identifies and attacks new victims and re-victimizes current victims.

Once a company was attacked, if it did not contact the criminal actor, the group would then proactively contact others in the victim company, either by email or by phone call.

The FBI encourages those with information about Brain or Radar Ransomware, or whose business or organization has been a target or victim of ransomware or is currently paying a criminal actor, to contact its Internet Crime Complaint Center at ic3.


News URL

https://www.helpnetsecurity.com/2024/08/13/radar-dispossessor-disruption/