Ukrainian Police Arrest Ransomware Group Targeting 50 Companies

Ukrainian police, in cooperation with the Security Service of Ukraine (SBU), cyber police, and law enforcement agencies from the United States and the United Kingdom, have arrested a group of extortionists responsible for attacks on more than 50 companies across Europe and the U.S.

According to an official SBU press release, “The criminals carried out hacker attacks on foreign companies and also provided paid services to other hackers for IP address spoofing. Preliminary estimates suggest the group earned over one million dollars during its operations. Unlike regular VPN services, which anyone can legally pay for and use, the criminals’ services offered much broader functionality. In particular, [the hackers] allowed users to upload computer viruses, spyware, and other malicious software through their platform. In other words, this was an entirely ‘criminal’ service, created by criminals for criminals, and beyond the control of authorities and law enforcement.”

The service was reportedly very popular among members of international hacker groups, who used it to:

• Hack government and commercial enterprise systems to collect confidential information;
• Distribute ransomware and demand payment for decryption;
• Conduct DDoS attacks to paralyze systems.

Additionally, the hacker group carried out extortion attacks on their own, sending malicious spam via email.

Authorities have confirmed the arrest of the leader of the unnamed group, a 36-year-old Kyiv resident, along with his wife and three acquaintances. The suspects’ names have not been disclosed, and it is still unknown which specific malware they were associated with.

The arrests took place earlier this week. Searches of the suspects’ homes and vehicles resulted in the seizure of computer equipment, mobile phones, bank cards, flash drives, and three cars.