Assets also frozen over ‘string of targeted attacks’ against US and European targets

Prolific ransomware operators arrested in Ukraine over attacks against US and European targets

Two individuals have been arrested in Ukraine over ransomware attacks for which ransom demands were set as high as €70 million ($81 million), Europol has announced.

The suspects are alleged to be members of an organized crime group “suspected of having committed a string of targeted attacks against very large industrial groups in Europe and North America from April 2020 onwards”, said the law enforcement agency in a press release published today (October 4).

The arrests were made on September 28 during an operation that saw law enforcement search seven properties, resulting in the seizure of $375,000 in cash and two luxury vehicles worth around $250,000.

Assets of $1.3 million in cryptocurrencies have also been frozen, according to Europol.

‘Extortionate ransom demands’

Europol described the arrestees as “prolific ransomware operators” who were known for making “extortionate ransom demands” that ranged between €5 million ($5.8 million) and €70 million ($81 million).

The attackers deployed malware and stole then encrypted sensitive data, before offering a “decryption key in return for a ransom payment of several millions of euros, threatening to leak the stolen data on the dark web should their demands not be met”.

Catch up on the latest cybercrime news and analysis

Ukrainian police were supported in the investigation by French law enforcement, the FBI, Interpol, and Europol’s Joint Cybercrime Action Taskforce (J-CAT).

Europol said it helped the agencies established a joint strategy, provided analytical, malware, forensic, and crypto-tracing support, and established a virtual command post to facilitate coordination.

The news comes against a background of increasingly frequent ransomware attacks, which have soared by 1,070% year on year according to a report published last week by enterprise security firm Fortinet.

DON’T FORGET TO READ Malicious hackers are exploiting known vulnerabilities because organizations aren’t quick enough to patch – report