Luxury cars and $100 bills recovered in police bust of ransomware gang in Ukraine

Police in Ukraine said they have arrested members of a major ransomware gang. The arrests mark the first time a law enforcement agency has announced a mass arrest of a prolific hacker group that had extorted Americans by either encrypting an organization’s files or threatening to leak them to the public. 

The gang, known as Cl0p, has hacked a number of American targets, including the University of Miami, Florida, Stanford University, University of Maryland, and University of Colorado, demanding a payment to either keep their systems functional or to not publish material they were able to steal.

The bust comes as ransomware has gone from a quietly pervasive cybersecurity problem to a broadly discussed national security issue, thanks to a series of high-profile attacks that have threatened to cripple some U.S. supply chains.

Ukrainian police officers have conducted 21 searches at the homes of defendants in the Kyiv region. (via National Police of Ukraine)

Ukraine’s announcement coincided with President Joe Biden’s meeting with Russian President Vladimir Putin in Geneva. Biden is expected to press Putin to take action against ransomware hackers who operate with impunity within Russia’s borders.

Ransomware has become a significant problem in the United States. Recent ransomware attacks briefly hobbled the Colonial Pipeline, shutting down the country’s largest fuel pipeline for five days, and JBS, one of the country’s largest meat suppliers.

The majority of the most prolific ransomware gangs are believed to operate in Eastern Europe, and Russia in particular.

Ukraine’s cyber police announced they had arrested six people involved with Cl0p, and seized a number of computers, cars and about 5 million Ukrainian hryvnia ($185,000) in cash.

A video released by Ukrainian authorities showed heavily armed officers descending on what appeared to be residences and seizing everything from stacks of cash and computers to luxury cars.

Though Cl0p wasn’t the most prolific ransomware gang, it still hacked dozens of targets, mostly in the U.S. and South Korea, since becoming operational in the summer of 2020, said Allan Liska, a ransomware analyst at the cybersecurity company Recorded Future.

“While they weren’t considered a top-tier ransomware actor, their methods were fairly sophisticated,” he said.

Interpol, the international police organization, which often helps with cybercrime investigations, assisted with the case, a spokesperson said in an email.
