Ransomware, Threat Intelligence
Ukraine-based ransomware gang dismantled by international operation
Europol and law enforcement agencies across seven countries, including the U.S., have dismantled a Ukraine-based ransomware operation following the arrests of its alleged leader and four accomplices, CyberScoop reports.
More than 250 servers from organizations across 71 countries have been encrypted by the unnamed ransomware group, which leveraged the HIVE, LockerGoga, Dharma, and MegaCortex ransomware strains in its attacks that resulted in losses amounting to hundreds of millions of euros, according to Europol.
Mandiant Head of Cybercrime Analysis Kimberly Goody noted that the arrested individuals may have been affiliated with various ransomware services.
"Threat actors commonly partner with different actors over time to perform certain aspects of a compromise, such as initial access or money laundering, which is likely the case of at least some of these suspects. Breaking one link in their organizational cycle can cause significant albeit temporary disruptions to these groups, as identifying, vetting, and trusting new partners can be challenging in the criminal world," said Goody.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds