Europol officials today announced the arrest of 12 people linked to more than 1,800 extortion attacks in 71 countries. The suspects were reported to have been the ransomware operators LockerGoga, MegaCortex and Dharma.
The arrests took place at the beginning of this week, on October 26, in Ukraine and Switzerland. In simultaneous raids, police seized five luxury vehicles, electronic devices and $ 52,000 in cash. Law enforcement agencies of Norway, France, Great Britain, Germany, the Netherlands and the USA also took part in the investigation.
According to Europol, 12 suspects were part of a professional criminal group and attacked large companies using ransomware since 2019.
“Most of the suspects are considered important targets because they are involved in a variety of high-profile cases in different jurisdictions,” reads a Europol press release. “Some of these criminals have been“ pentesting ”using various methods to compromise IT networks, including brute force attacks, SQL injection, stolen credentials, and phishing emails with malicious attachments.”
Having penetrated the network of the target organization, the hackers took their time and spent many months looking for weak points in order to advance further and expand their access. The group has deployed malware such as TrickBot on victims’ networks and also used post-exploitation frameworks, including Cobalt Strike and PowerShell Empire.
It seems that the hackers were partners of several RaaS platforms (Ransomware-as-a-Service) at once, since after they used various ransomware families in their attacks, including LockerGoga, MegaCortex and Dharma.
In addition, Europol reports that some of those arrested did not engage in burglary, but helped the group launder ransoms from victims.
According to a Norwegian police press release, 12 suspects were linked to a high-profile attack on Norwegian aluminium company Norsk Hydro in March 2019. Let me remind you that because of this incident, the company’s work on two continents was stopped, and production was idle for almost a week.
“More than 50 foreign investigators, including six experts from Europol, were sent to Ukraine to assist the National Police in conducting joint investigative activities. The Ukrainian cyber police officer was also assigned to Europol for two months to prepare for the operation, ”says Europol.
Ukrainian law enforcement officers have also prepared their own press release, in which they say that the damage caused to the victims reaches $ 120 million.
Catch up on more stories here
Follow us on Facebook here