Police Arrest Suspected Ransomware Actor in Romania
European and US law enforcers have joined forces to arrest a suspected ransomware affiliate member who targeted firms in an IT supply chain attack.
Europol’s European Cybercrime Centre (EC3) supported the FBI and Romanian National Police in making the arrest at the suspect’s home in Craiova, Romania, in the early hours of yesterday morning.
He’s suspected of targeting a large Romanian IT company that provides services to corporate customers in the retail, energy and utilities sectors.
The individual used his access to the IT company to deploy crypto-ransomware and steal files from many of its customers, located both in Romania and abroad, according to Europol.
Among the data was financial information, personal information on employees and customers, and other important documents.
Using classic double extortion techniques, he then threatened to publish the information on a data leak site unless a ransom was paid. It’s not clear, however, if each individual company was blackmailed or just the original IT provider.
EC3 said it provided analytical, cryptocurrency tracing, malware analysis and forensic support, and sent two experts to Romania to help with seizing cryptocurrency assets and carrying out forensic work.
In May last year, police swooped on a Romanian gang