[TheRecord] Ransomware gang behind attacks on 50 companies arrested in Ukraine

Ukrainian authorities have detained five members of a ransomware gang that carried out attacks against more than 50 companies across Europe and the Americas.

The arrests, which took place earlier this week, targeted the group’s leader, a 36-year-old Kyiv resident, his wife, and three acquaintances.

Officials said the group hacked into government and private enterprise networks to steal data, installed ransomware to extort the victims, and also carried out DDoS attacks to paralyze the hacked networks.

“They administered the service from home personal computers, and in order to avoid responsibility for their illegal activities, they disguised themselves under various nicknames on the Darknet network,” the Ukrainian Security Service (SSU) said today.

The hackers also used underground money mule networks to transfer some of their profits to payment cards owned by fictitious persons.

The group is believed to have made at least $1 million from their attacks, according to the Ukrainian Cyber Police.

The suspects were detained earlier this week after house searches at nine locations. The raids were conducted together with officers from law enforcement agencies from the US and the UK.

“Computer equipment, mobile phones, bank cards, flash drives and three cars were seized,” the Ukrainian Cyber Police said today.


Officials said the suspects are also wanted by foreign law enforcement. Ukrainian officials have not returned a request for comment asking whether an extradition request has been filed for any of the suspects.

This marks the fifth major arrest of a ransomware group in Ukraine since the start of 2021:

- February 2021 – the arrest of several members of the Egregor ransomware gang
- June 2021 – the arrest of a group who laundered money for the Clop ransomware gang
- October 2021 – two ransomware operators arrested in Kyiv, believed to be connected to the REvil group
- October 2021 – the arrest of a group that distributed the LockerGoga and MegaCortex ransomware strains

Neither the names of the suspects nor their affiliation with any particular ransomware strain or operation has been disclosed.

The post Ransomware gang behind attacks on 50 companies arrested in Ukraine appeared first on The Record by Recorded Future.
