Ransomware threat actors arrested in Ukraine
Two ransomware operators were arrested in Ukraine as a result of a joint international law enforcement operation. The arrests were made in the last week of September in Ukraine’s capital, Kyiv. The operation was carried out by officers of the Ukrainian National Police, in association with the French Gendarmerie, the FBI, Europol, and Interpol.
Those arrested included a 25-year-old suspect believed to be a key member of a large ransomware operation.
Officials declined to name the suspect’s connection to any particular ransomware gang, citing an ongoing official investigation.
In a press release, Ukrainian officials said that the suspect was involved in attacks on 100-plus companies worldwide, causing more than $150 million in damages.
The arrests were followed by searches at seven properties. The searches also extended to family members of the 25-year-old primary suspect. Officers seized computers that were used to gain access to remote servers to deploy the ransomware, along with two cars, $375,000 in cash, and $1.3 million in cryptocurrencies.
In its own press release, Europol highlighted that the arrested attacker had been active in the cyberattack landscape since April 2020 and that the gang was known for its large ransom demands, ranging between €5 and €70 million.
According to many security researchers, the two suspects who were arrested belonged to the REvil ransomware gang.
Ukrainian police also released a video of one of the house searches. It shows officers examining unlocked computers and tablets. This suggests that the investigating bodies might have gained access to sensitive information that will enable them to infiltrate the ransomware gang’s organization and structure.