"Police Arrest Hackers Behind Over 1,800 Ransomware Attacks"

According to Europol, 12 individuals believed to be connected to ransomware attacks against over 1,800 victims in 71 countries have been arrested. The law enforcement report revealed that the actors launched ransomware strains, including LockerGoga, MegaCortex, and Dharma. They also deployed malware such as TrickBot and post-exploitation tools like Cobalt Strike. LockerGoga emerged in the wild in January 2019, when it was used to attack the French engineering and R&D consultant Altran Technologies. The number of LockerGoga and MegaCortex infections was the highest during that year. A report from the National Cyber Security Centre (NCSC) in the Netherlands linked 1,800 infections to Ryuk and those two strains. The most notable case attributed to the suspects is a 2019 attack against the Norwegian aluminum production giant Norsk Hydro, which disrupted the company's operations. An announcement posted by the Norwegian police said that they never stopped hunting for the threat actors as they worked with foreign counterparts to take them down. The arrests were made in Ukraine and Switzerland on October 26, 2021. The simultaneous raids also led to police seizing $52,000 in cash, electronic devices, and more. Europol described the arrested individuals as high-value targets because they are believed to have initiated multiple high-profile ransomware incidents. In addition, the cybercriminals had specialized roles in a highly organized criminal organization, with each of them being responsible for different operations. For example, some of them carried out activities in network penetration, while others executed brute force attacks, performed SQL injections, or handled credential phishing operations. This article continues to discuss the arrest of 12 hackers who were behind more than 1,800 ransomware attacks. 

Bleeping Computer reports "Police Arrest Hackers Behind Over 1,800 Ransomware Attacks"