12 high-profile ransomware hackers targeted

On October 26th the action day against ransomware took place. Joint forces conducted operations in Ukraine and Switzerland. Specialists consider suspects high-value targets because of their involvement in other high-profile cases in various jurisdictions. As a result of the operation joint forces seized over USD 52 000 in cash, also 5 luxury cars. In addition, forensic specialists currently assess the electronic devices for the evidence and new investigative leads.

Suspects targeted large enterprises with ransomware

According to the Europol press release suspects activities affected over 1 800 victims in 71 countries. They specifically targeted large enterprises bringing them to prolonged standstills. Each of the suspects had specifically assigned job. Some conducted penetration efforts, while others deployed malware such as Trickbot. As the next step criminals would lay undetected even for months to probe the network for weakness. Only after that they would start the process of deploying ransomware. The known cases of their activity include MegaCortex, Dharma and LockerGoga.

“More than 50 foreign investigators, including six Europol specialists, were deployed to Ukraine for the action day to assist the National Police with conducting jointly investigative measures. A Ukrainian cyber police officer was also seconded to Europol for two months to prepare for the action day,” goes in Europol`s press release.

French authorities initiated the operation assisted in this by Europol and Eurojust. Together they set up a joint investigation team (JIT) that included France, Norway, United Kingdom and Ukraine. The investigation started in November 2019. The U.S and Dutch authorities conducted their own investigation. Europol and Eurojust assisted in all this by creating coordination centers for facilitating law enforcement forces. The jurisdictions of all countries-participants worked in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

The Norsk Hydro attack

In a separate press release Norway’s National Criminal Investigation Service (Kripos) confirmed that targeted suspects conducted a two years ago attack on the Norsk Hydro. The metals maker company suffered a ransomware attack in 2019 refusing to pay the demanded money. Losses amounted to tens of millions of dollars as parts of the production were stopped. Others did not name businesses involved in suspects` activities.

12 high-profile hackers targeted by Europol
Security put a warning notice in one of the Hydro offices

The FBI’s Internet Crime Complaint Center (IC3) that provides information on cyber crime incidents reported the following statistics. In 2020 they received 791,790 complaints for all types of internet crime. The losses exceeded $4.1 billion. The number of ransomware incidents constituted 2,474 incidents reported in 2020. And it presents an increase by 20 percent in the number of incidents. The demands rose to a 225 percent increase. From January to July 31, 2021, the IC3 has received 2,084 ransomware complaints with more than $16.8M in losses.

About Andrew Nail

Cybersecurity journalist from Montreal, Canada. Studied communication sciences at Universite de Montreal. I was not sure if a journalist job is what I want to do in my life, but in conjunction with technical sciences, it is exactly what I like to do. My job is to catch the most current trends in the cybersecurity world and help people to deal with malware they have on their PCs.

Check Also

North Korean hackers targeted security companies

North Korea hackers targeted security companies

In its first edition of new Threat Horizons report Google, among other detected cyber threats, …

New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability

New PowerShortShell Stealer

On November 24, 2021 SafeBreach Labs published research on a new Iranian threat actor using …

Leave a Reply