Ukranian Police Arrests Ransomware Gang that Hit over 50 Firms

Ukrainian police officers have arrested a ransomware affiliate group responsible for attacking at least 50 companies in the U.S. and Europe.

It is estimated that the total losses resulting from the attacks is in excess of one million U.S. dollars.

A 36-year-old resident of Ukraine’s capital Kiev was identified as the leader of the group, which included his wife and three other acquaintances, the police states.

Also Read: The 7 Fundamental Guide on SOP for Social Media Marketing

It is unclear what ransomware strain the gang used to encrypt data on victim computers but they delivered the malware through spam emails.

Three members of the gang received the ransoms from paying victims in cryptocurrency. In exchange, they provided the decryption tool to restore data, the Ukrainian police says in an announcement today.

“According to preliminary data, more than 50 companies were affected by the attacks, the total amount of damage reaches more than one million US dollars,” the police adds.

To legalize the funds received as ransom payments, the attackers carried out complex financial transactions using online payment services that are banned in Ukraine, passing them around in an extensive network of fictitious identities.

Apart from the ransomware activity, the actors also VPN-like services that enabled other cybercriminals to carry out illegal activities ranging from downloading malware to hacking.

The investigation revealed that these services were used to compromise systems belonging tio government and commercial organizations to steal sensitive data, deploy ransomware, or launch distributed denial-of-service (DDoS) attacks.

Also Read: 7 Principles of Personal Data Processing

One of the defendants was also stealing card data of British citizens to buy items from online stores and then resell them online. This process is a simple way to convert into cash the funds on stolen cards.

The police raided the homes and cars of nine suspects and confiscated computer equipment, bank cards, and flash drives which investigators will examine for additional evidence that could lead to more arrests.

The suspects face criminal charges relevant to money laundering, interference in computers and networks, and the creation, use, distribution, and sale of malicious software.

These arrests are a joint effort from law enforcement officers in the U.K., the U.S. and Ukraine.

Law enforcement crackdown

The cybercrime unit of the Ukrainian police has been very active in recent months, arresting ransomware actors, fraudsters, botnet operators, and phishing actors.

More specifically, the SSU arrested the following actors recently:

• October 2021 – Two ransomware actors behind hundreds of attacks.
• October 2021 – Members of a money-laundering operation offering services to hackers.
• October 2021 – Members of the LockerGoga ransomware group.
• November 2021 – Five phishing actors who hacked into Apple and Samsung accounts.
• December 2021 – 51 data brokers who sold the details of 300 million people.