How big ransomware gang members were arrested through FBI and Europol coordination

A police operation coordinated by Interpol, Europol and the Federal Bureau of Investigation (FBI) led to the arrest of two individuals accused of controlling two ransomware operations known for demanding ransoms in the millions from their victims. The operation was also supported by the authorities of France and Ukraine.

In addition to the two arrests, authorities raided 7 properties, where they seized more than $370,000 USD in cash and two luxury cars worth more than $200,000 USD, in addition to freezing two online accounts with more than $1 million USD in cryptocurrency.

Authorities believe the cybercriminals have deployed a wave of attacks against specific industrial sectors in the United States and Europe since at least the first quarter of 2020. The ransomware operation resorts to the tactic of “double extortion”, infecting targets and stealing confidential information from victims.

Like any other ransomware group, the hackers demanded a ransom from victims in exchange for handing over the keys that would allow them to regain access to infected systems and files, and threatened to reveal sensitive information if the ransom was not paid.

Six French agents, four FBI experts and a specialized Europol team, all coordinated by an Interpol officer and sent to Ukraine to carry out the activities required in the operation, collaborated in the investigation.

Europol supported the investigation from the outset, bringing together all the countries involved to establish a joint strategy. Its cybercrime specialists organized 12 coordination meetings to prepare for the day of action, in addition to providing analytical, malware, forensic and digital tracking support.

For now, the identity of the arrested individuals is unknown, although this could change as soon as the suspects are formally charged by the authorities of the countries where they operated. A couple of months ago, ransomware groups began to attract the attention of the authorities because some of them compromised critical infrastructure in Europe and the U.S., which has convinced the governments of the world that this is a serious problem that must be addressed immediately.
