Europol has reported the arrest of two people in Ukraine in connection with ransomware assaults for which ransom demands were as high as €70 million ($81 million). According to the press release released today (October 4) by the law enforcement agencies, the attackers were a member of an organized crime “suspected of having committed a string of targeted attacks against very large industrial groups in Europe and North America from April 2020 onwards.”
The FBI, the French police, and the Ukrainian National Police collaborated in the international law enforcement operation and carried out the whole operation.
The individuals are described as members of a top-tier gang in Europol and Ukrainian police releases, but Europol informed BleepingComputer that they couldn’t name the organisation for operational reasons.
The arrests were made on September 28 following a search warrant operation that yielded $375,000 in cash and two luxury automobiles valued at about $250,000.
According to Europol, cryptocurrency assets worth $1.3 million have also been blocked.
“Both these individuals were part of the same group which focused not only on ransom attacks but also laundered criminal funds,” Europol told BleepingComputer.
The data was stolen, deployed, and encrypted before offering a “decryption key” in return for a ransom payment of several million euros, threatening to leak the stolen data on the dark web should their demands not be met.
Europol said it assisted the agencies in developing a coordinated approach, as well as providing analytical, malware, forensic, and crypto-tracing support, as well as establishing a virtual command post to ease cooperation.
According to research published last week by corporate security firm Fortinet, ransomware assaults have increased by 1,070 percent year on year.
The detained people face up to twelve years in jail, according to a statement from Ukraine’s cyber-police, for violating two sections of the country’s criminal code, one for illegal interference with computer networks and systems and the other for money laundering.
This year, Ukrainian authorities detained more people suspected of being involved in the Clop and Egregor ransomware operations.