THE AMERICA ONE NEWS
Jun 5, 2025  |  
0
 | Remer,MN
Sponsor:  QWIKET 
Sponsor:  QWIKET 
Sponsor:  QWIKET: Elevate your fantasy game! Interactive Sports Knowledge.
Sponsor:  QWIKET: Elevate your fantasy game! Interactive Sports Knowledge and Reasoning Support for Fantasy Sports and Betting Enthusiasts.
back  
topic
Euromaidanpress
Euromaidan Press
28 Nov 2023
Yuri Zoria


Europol: Key ransomware suspects arrested in Ukraine

Europol leads an international operation that successfully dismantles a Ukrainian ransomware group, causing substantial global financial losses.
International law enforcers during the searches in Ukraine at a property of a suspect, believed to be a ransomware gang member. Photo: europol.europa.eu

On 28 November, Europol reported that law enforcement agencies from seven countries had arrested the ringleader and four other key figures of a hacker gang operating from Ukraine, which used ransomware to illicitly extract hundreds of millions of euros from their victims.

“In an unprecedented effort, law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations wreaking havoc across the world,” Europol says.

On 21 November, a series of 30 property searches were conducted across the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, leading to the apprehension of the 32-year-old ringleader. Additionally, four of the most active associates of the ringleader were also taken into custody, according to Europol.

To aid the Ukrainian National Police in their investigative efforts, over 20 investigators from Norway, France, Germany, and the United States were deployed to Kyiv. This collaborative effort was mirrored at Europol’s headquarters in the Netherlands, where a virtual command post was activated to promptly analyze the data seized during the searches conducted in Ukraine.

This recent action builds upon arrests made in 2021 as part of the same investigation. Since then, Europol and Norway conducted operational sprints to analyze seized devices from Ukraine, aiding in the identification of last week’s suspects in Kyiv.

Europol says the suspects are linked to a network behind high-profile ransomware attacks spanning 71 countries, notably targeting large corporations. They utilized ransomware like LockerGoga, MegaCortex, HIVE, and Dharma. Some had roles in compromising IT networks, while others handled cryptocurrency laundering. They gained access through techniques like brute force attacks, SQL injections, and phishing emails with malicious attachments to steal credentials.

After infiltrating networks, the attackers went undetected, expanding access with tools like TrickBot, Cobalt Strike, and PowerShell Empire. They encrypted over 250 servers from major corporations, incurring losses surpassing hundreds of millions of euros.

Read also: