Ransomware, Threat Intelligence

Ukraine-based ransomware gang dismantled by international operation

Europol and law enforcement agencies across seven countries, including the U.S., have dismantled a Ukraine-based ransomware operation following the arrests of its alleged leader and four accomplices, CyberScoop reports. More than 250 servers from organizations across 71 countries have been encrypted by the unnamed ransomware group, which leveraged the HIVE, LockerGoga, Dharma, and MegaCortex ransomware strains in its attacks that resulted in losses amounting to hundreds of millions of euros, according to Europol. Mandiant Head of Cybercrime Analysis Kimberly Goody noted that the arrested individuals may have been affiliated with various ransomware services. "Threat actors commonly partner with different actors over time to perform certain aspects of a compromise, such as initial access or money laundering, which is likely the case of at least some of these suspects. Breaking one link in their organizational cycle can cause significant albeit temporary disruptions to these groups, as identifying, vetting, and trusting new partners can be challenging in the criminal world," said Goody.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.