Europol and law enforcement agencies across seven countries, including the U.S., have dismantled a Ukraine-based ransomware operation following the arrests of its alleged leader and four accomplices, CyberScoop reports.
More than 250 servers from organizations across 71 countries have been encrypted by the unnamed ransomware group, which leveraged the HIVE, LockerGoga, Dharma, and MegaCortex ransomware strains in its attacks that resulted in losses amounting to hundreds of millions of euros, according to Europol.
Mandiant Head of Cybercrime Analysis Kimberly Goody noted that the arrested individuals may have been affiliated with various ransomware services.
"Threat actors commonly partner with different actors over time to perform certain aspects of a compromise, such as initial access or money laundering, which is likely the case of at least some of these suspects. Breaking one link in their organizational cycle can cause significant albeit temporary disruptions to these groups, as identifying, vetting, and trusting new partners can be challenging in the criminal world," said Goody.
One year after its emergence in the threat landscape, Alpha ransomware has been discovered to resemble the Netwalker ransomware-as-a-service operation that was dismantled in January 2021, BleepingComputer reports.