Ukrainian Cyber Police, in Collaboration with International Law Enforcement, Dismantles a Dangerous Hacker Group

Ukrainian law enforcement officers, working in tandem with colleagues from France, the Czech Republic, Germany, Italy, Latvia, the Netherlands, Spain, Sweden, Japan, Canada, and under the coordination of Europol and Eurojust, conducted a large-scale international operation to neutralize the notorious hacker group, Ragnar Locker. As reported on Europol's website, the group was involved in ransom demands using ransomware viruses.

As part of the operation, conducted from October 16 to 20, searches were carried out in the Czech Republic, Spain, Latvia, Ukraine, and other countries. The key suspect was arrested on October 16 in Paris, and on the same day, a search was conducted at his residence in the Czech Republic.

It's worth noting that the initial arrests in this case took place in Ukraine in 2021. In October 2021, French gendarmes and FBI investigators, along with Europol and Interpol experts, went to Ukraine to conduct joint investigations with the National Police of Ukraine, resulting in the arrest of two prominent members of Ragnar Locker.

The Ragnar Locker group has been active since 2020. During this time, the criminals targeted 168 international companies in Europe and America with ransomware attacks. Hackers infiltrated corporate servers, stole information, and encrypted data, rendering it inaccessible to the rightful owners.

To restore access to the data, the hackers demanded anywhere from $5 million to $70 million in cryptocurrency, threatening to release stolen confidential information on the dark web if their demands were not met. In addition to businesses, the group also targeted critical infrastructure in various countries, including a Portuguese national carrier and a hospital in Israel.

Law enforcement officials noted that the organizers had a clear division of labor within the group: some members collected information and identified vulnerabilities in the cybersecurity of their targets, while others with programming skills were responsible for creating and modifying malicious software to carry out the attacks.

"This investigation once again highlights the importance of international cooperation in combating ransomware groups. While prevention and security measures improve, malicious actors continue to innovate and find new victims. Europol will play its role in supporting EU Member States in dealing with these groups, and each case helps us refine our investigative methods and better understand these groups," stated Europol.

Recall that in June, the UK government announced that it would expand its cybersecurity assistance program to Ukraine. The UK has decided to allocate an additional £16 million (approximately $20.5 million) to fund cybersecurity programs in Ukraine.