Security News

Europol has announced the arrest of 12 individuals believed to be linked to ransomware attacks against 1,800 victims in 71 countries. According to the law enforcement report, the actors have deployed ransomware strains such as LockerGoga, MegaCortex, and Dharma, as well as malware like Trickbot and post-exploitation tools like Cobalt Strike.

Europol has announced the arrest of 12 individuals believed to be linked to ransomware attacks against 1,800 victims in 71 countries. The most notable case linked to the suspects is a 2019 attack against Norsk Hydro, the Norwegian aluminum production giant, causing severe and lengthy disruption in the company's operations.

Law enforcement authorities arrested 150 suspects allegedly involved in selling and buying illicit goods on DarkMarket, the largest illegal marketplace on the dark web when it was taken down in January 2021. The arrests are the result of a coordinated international operation dubbed Dark HunTOR that lasted ten months and involved police forces and investigators from nine countries.

The letters from the Dutch Police aim to reduce cybercrime and steer the offenders towards legal alternatives to improve their skills. On Monday, 29 Dutch nationals received letters from the police informing them that their criminal activity has been recorded and that future offenses could lead to a conviction.

Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients.

Google said, in an August report, the number of geofence warrants the company received from law enforcement agencies jumped from 982 in 2018 to 11,554 in 2020. "Since the start of 2018, we have seen a rise in the number of search warrants in the United States that order Google to identify users, based on their Location History information, who may have been in a given area within a certain time," Google said.

The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. Ragnar Locker has previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payments. In an announcement published on Ragnar Locker's darknet leak site this week, the group is threatening to publish full data of victims who seek the help of law enforcement and investigative agencies following a ransomware attack.

A company is suing the Police Digital Service over a framework worth up to £18m after losing a bid to provide a mass surveillance platform, claiming police managers broke laws on the awarding of public contracts. Excession Technologies Ltd is suing the organisation formerly known as the Police ICT Company on the grounds that it broke the Defence and Security Public Contracts Regulations after allegedly misunderstanding Excession's platform was capable of doing.

A man who viewed documents online for a controversial London property development and shared them on social media was raided by police after developers claimed there had been a break-in to their systems. The society is a property development firm that wants to build flats over a children's caged ball court in the south London borough, something Hutchinson "Vocally opposes," according to the local paper.

Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. Believed to be active since at least 2020, the cybercriminal syndicate has been codenamed "Fraud Family" by cybersecurity firm Group-IB. The frameworks come with phishing kits, tools designed to steal information, and web panels, which allow the fraudsters to interact with the actual phishing site in real time and retrieve the stolen user data.