International Operation Leads to Arrests in Ukraine Over Multi-Million Euro Cyberattacks

122
International Operation Leads to Arrests in Ukraine Over Multi-Million Euro Cyberattacks

In a massive international effort, investigators from seven different countries teamed up with Europol and Eurojust to nab several key suspects linked to the RaaS (Ransomware as a Service) operation called Hive in Ukraine. This group was allegedly behind a string of major cyberattacks that caused damage running into hundreds of millions of euros, Europol revealed in a press statement.

More than 20 investigators from Norway, France, the Netherlands, Ukraine, Switzerland, the USA, and Germany were on the ground in Kyiv, lending support to the Ukrainian National Police in their investigative efforts. Both the Public Prosecutor’s Office in Stuttgart and the Reutlingen Police Department issued a joint press release detailing the recent developments.

The coordinated operation saw a total of 30 searches conducted in regions including Kyiv, Cherkasy, Rivne, and Vinnytsia on November 21. During these searches, investigators made significant headway, apprehending the alleged 32-year-old leader of the hacker group and four of their top collaborators. Additionally, a virtual command center was established in the Netherlands to swiftly analyze the seized data.

These individuals are accused of participating in ransomware attacks targeting organizations across 71 countries. According to Europol, their investigations revealed that the group encrypted over 250 servers belonging to major companies, resulting in staggering damages. Previous victims of the Hive ransomware included the IT systems of Potsdam city and the MediaMarktSaturn Group.

Interestingly, initial arrests linked to the Hive ransomware occurred in Ukraine back in 2021. Forensic analyses of devices seized during those arrests helped investigators identify further suspects, ultimately leading to these recent apprehensions.

Aside from Hive, the alleged hackers reportedly utilized other ransomware strains like Lockergoga, Megacortex, and Dharma. They also employed brute-force attacks, SQL injections, and phishing emails to gain access to user accounts and infiltrate the networks of their target organizations. Once inside these networks, they utilized additional hacking tools like Trickbot, Cobalt Strike, and PowerShell Empire to compromise numerous systems.

READ MORE: Deutsche Telekom Surpasses 7.1 Million FTTH Homes, Leads German Fiber Expansion

Previous articleDeutsche Telekom Surpasses 7.1 Million FTTH Homes, Leads German Fiber Expansion
Next articleAmazon Introduces Palm Scanners for Offices, Prompting Data Privacy Concerns
William Wylie
William Wylie, a tech writer with a penchant for future tech, shares his perspective on the ever-evolving world of tech, offering a glimpse into the next big breakthroughs.