Ransomware: Police arrest two in operation against 'prolific' gang that targeted big businesses

Coordinated international action involving Europol, Interpol, the FBI and others sees arrests made in Ukraine over involvement in more than 100 ransomware attacks.
Written by Danny Palmer, Senior Writer

Two 'prolific' ransomware operators that police said are known for their extortionate ransom demands of between €5 and €70 million have been arrested.

Police said assets have been seized including $375,000 in cash, two luxury cars and $1.3 million in cryptocurrencies. 

Authorities haven't disclosed which ransomware syndicate the two people arrested are involved with, only that the organised cybercrime group is suspected of carrying out a string of coordinated attacks against "very large industrial groups" across Europe and North America. Ukrainian cyber police have said they believe the ransomware operation has targeted more than 100 organisations. 

SEE: A winning strategy for cybersecurity (ZDNet special report)

Each of the attacks involved cyber criminals infiltrating networks and stealing sensitive information before encrypting files with ransomware and demanding a payment for the decryption key. 

"They would then proceed to offer a decryption key in return for a ransom payment of several millions of euros, threatening to leak the stolen data on the dark web should their demands not be met," Europol said.

The operation leading to the arrests involved six investigators from the French Gendarmerie, four from the US FBI, a prosecutor from the French Prosecution Office of Paris, two specialists from Europol's European Cybercrime Centre (EC3), and one Interpol officer. They were all deployed to Ukraine. 

Ransomware is one of the biggest cybersecurity issues the world faces today, with major attacks causing significant disruption to services people need. 


Editorial standards