Euro Police Swoop on 12 Suspected Ransomware Gang Members
Twelve threat actors were singled out by Europol last week in a major ransomware operation targeting multiple organized crime groups.
The unnamed suspected are believed to have been involved in deploying the LockerGoga, MegaCortex and Dharma variants or laundering the proceeds, the trans-national policing group claimed.
Focusing their efforts mainly on large organizations, the suspects impacted over 1800 victims in 71 countries, it added.
Individual players had specific roles, such as: gaining initial network access via phishing or brute-forcing credentials and SQL injection; lateral movement using Trickbot, Cobalt Strike or PowerShell Empire; and sending ransom demands for Bitcoin payment.
A joint investigation team (JIT) was first set up to tackle the threat in September 2019 – comprising police in Norway, France, the UK and Ukraine.
Last Wednesday, an action day in Ukraine and Switzerland led to the seizure of over $52,000 in cash, five luxury vehicles, and several electronic devices. However, it’s not clear whether the 12 have been arrested or charged.
Europol would only say that they are “high-value targets” under investigation in multiple high-profile cases in different jurisdictions.
Police from Norway, France, the Netherlands, UK, Ukraine, Germany,