Ukrainian police authorities have nabbed five members of a gang that’s believed to have helped orchestrate attacks against more than 50 companies across Europe and the U.S and caused losses to the tune of more than $1 million.
The special operation, which was carried out in assistance with law enforcement officials from the U.K. and U.S., saw the arrest of an unnamed 36-year-old individual from the capital city of Kyiv, along with his wife and three other accomplices.
A total of nine searches across the suspects’ homes were carried out, resulting in the seizure of computer equipment, mobile phones, bank cards, flash drives, three cars, and other items with evidence of illegal activity.
The Cyber Police of the National Police of Ukraine said the group offered a “hacker service” that enabled financially motivated crime syndicates to send phishing emails containing file-encrypted malware to lock confidential data pertaining to its victims, demanding that the targets pay cryptocurrency ransoms in return for restoring access to the files.
However, it’s not immediately clear what ransomware strain the perpetrators used to encrypt data on victim computers.
Besides ransomware attacks on foreign companies, the hacking cartel also provided IP-address spoofing services to transnational cybercrime actors, who unlawfully used the platform to break into systems belonging to government and commercial entities to collect sensitive information and carry out DDoS attacks to paralyze the networks.
“To launder criminal proceeds, the offenders conducted complex financial transactions using a number of online services, including those banned in Ukraine,” Ukraine’s Secret Service (SSU) said. “At the last stage of converting assets into cash, they transferred funds to payment cards of an extensive network of fictitious persons.”
The development is the latest in a string of law enforcement actions undertaken by Ukraine over the past year to tackle the menace of ransomware that’s crippled organizations and critical infrastructure alike.
Last month, authorities apprehended 51 people in connection with illegally possessing about 100 databases containing personal information of more than 300 million citizens of Ukraine, Europe, and the U.S.
Prior to that, the National Police of Ukraine was also involved in the arrest of ransomware affiliates associated with Egregor, Cl0p, LockerGoga, MegaCortex, and Dharma families as well as individuals who were found operating a DDoS botnet and a phishing service called U-Admin.
Then in October 2021, the SSU partnered with the U.S. intelligence agencies to detain several members of a money laundering operation that engaged with various hacking groups who carried out cyber theft activities and wanted to convert the stolen virtual funds into cash.
A month later, the cyber department also dismantled a five-member hacking group dubbed Phoenix that specialized in remote hacking of mobile devices for over two years with the goal of stealing personal data, which was then sold to other third-parties for an average cost of $200 per account.