Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, together with the arrest of a “crucial target” in France.
“In an action carried out between 16 and 20 October, searches were performed in Czechia, Spain, and Latvia,” the agency said. “The most important perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining magistrates of the Paris Judicial Court.”
Five other accomplices associated with the ransomware gang are said to have been interviewed in Spain and Latvia, with the servers and the data leak portal seized in the Netherlands, Germany, and Sweden.

The effort is the latest coordinated exercise involving authorities from Czechia, France, Germany, Italy, Japan, Latvia, the Netherlands, Spain, Sweden, Ukraine, and the U.S. Two suspects affiliated with the ransomware crew were previously arrested in Ukraine in 2021. A year later, another member was apprehended in Canada.
Ragnar Locker, which first emerged in December 2019, is known for a string of attacks targeting critical infrastructure entities across the world. According to Eurojust, the group has committed attacks against 168 international companies worldwide since 2020.
“The Ragnar Locker group was known to make use of a double extortion tactic, demanding extortionate payments for decryption tools as well as for the non-release of the sensitive information stolen,” Europol said.
Ukraine’s Cyber Police said it conducted raids at one of the suspected members’ premises in Kyiv, confiscating laptops, mobile phones, and electronic media.
The law enforcement action coincides with the Ukrainian Cyber Alliance (UCA) infiltrating and shutting down the leak site run by the Trigona ransomware group and wiping out 10 of the servers, but not before exfiltrating the data stored on them. There is evidence to suggest that the Trigona actors used Atlassian Confluence for their activities.
Just as the dismantling of Hive and Ragnar Locker signifies ongoing efforts to tackle the ransomware menace, so are the initiatives carried out by threat actors to evolve and rebrand under new names. Hive, for instance, has resurfaced as Hunters International.
The development comes as India’s Central Bureau of Investigation, based on information shared by Amazon and Microsoft, said it raided 76 locations across 11 states in a nationwide crackdown aimed at dismantling infrastructure used to facilitate cyber-enabled financial crimes such as tech support scams and cryptocurrency fraud.
The exercise, codenamed Operation Chakra-II, led to the seizure of 32 mobile phones, 48 laptops/hard disks, images of two servers, 33 SIM cards, and pen drives, as well as a dump of 15 email accounts.
It also follows the extradition of Sandu Diaconu, a 31-year-old Moldovan national, from the U.K. to the U.S. to face charges related to his role as the administrator of E-Root Marketplace, a website that offered access to more than 350,000 compromised computer credentials worldwide for ransomware attacks, unauthorized wire transfers, and tax fraud.
The website, which went operational in January 2015, was taken down in 2020, and Diaconu was arrested in the U.K. in May 2021 while attempting to flee the country.
“The E-Root Marketplace operated across a widely distributed network and took steps to hide the identities of its administrators, buyers, and sellers,” the U.S. Department of Justice (DoJ) said this week.
“Buyers could search for compromised computer credentials on E-Root, such as RDP and SSH access, by desired criteria such as price, geographic location, internet service provider, and operating system.”
In a related law enforcement action, Marquis Hooper, a former U.S. Navy IT manager, was sentenced to five years and five months in prison for illegally obtaining 9,000 U.S. citizens’ personally identifiable information (PII) and selling it on the dark web for $160,000 in bitcoin.
Some parts of this article are sourced from:
thehackernews.com