Network of cybercriminals dismantled in international operation
Ransomware attacks are an increasingly lucrative form of digital hostage-taking and their impact, estimated at billions of dollars by Interpol, continues to grow.
REUTERS - Kacper Pempel
Text by: RFI Follow
2 min
Seven hackers, including a 22-year-old Ukrainian, implicated in the giant cyberattack against the Kaseya company in July, have been arrested in an international operation involving 17 countries.
Advertising
Read more
The operation dubbed Golddust targeted the
Russian-speaking
hacker
group
REvil, sometimes referred to as Sodinokibi, and the GandCrab ransomware group, Europol detailed in a statement.
Five affiliates to # Sodinokibi / # REvil were arrested during operation #GoldDust, which involved 17 countries, Europol, @Eurojust & @INTERPOL_HQ.
The arrested affiliates are suspected of 7,000 infections, asking for over € 200 million in ransom.
More ➡️ https://t.co/DMuGJuuq7D pic.twitter.com/2btgGFdElt
- Europol (@Europol) November 8, 2021
The seven people arrested are suspected of having carried out "
approximately 7000 infections
" around the world with software encrypting the data of their targets.
They would have "
asked for more than 200 million euros in ransoms
" in exchange for the decryption key, explained the European police agency, Europol.
Iaroslav Vasinski, alias Robotnik, accused of having attacked the American computer company Kaseya on July 2, was arrested on October 8 in Poland at the request of the United States.
"
We have asked for him to be extradited under the treaty between our two countries,
" US Justice Minister Merrick Garland said at a press conference.
Attorney General Merrick Garland: "Today we are announcing that we are bringing to justice an alleged perpetrator of a significant wide-reaching ransomware attack."
Full @TheJusticeDept News Conference here: https://t.co/6HQUC7zRZW pic.twitter.com/sDXrepu08Q
- CSPAN (@cspan) November 8, 2021
The attack on the American publisher Kaseya in July 2021 paralyzed more than 1,500 companies around the world, including the supermarket chain Coop in Sweden, whose
stores remained closed
for several days.
According to several experts, this cyberattack was carried out by an affiliate of the Russian-speaking hacker group known as REvil.
The group of hackers REvil then demanded
70 million dollars in bitcoins
, or 59 million euros, to restore the data.
Information partially confirmed by Kaseya.
►
To read also: Kaseya case: "Computer hackers are always one step ahead"
The United States Minister of Justice, Merrick Garland, at a press conference Monday, November 8, offered rewards of up to $ 10 million for any information that would locate or identify the leaders of the REvil group.
Two other hackers, suspected of having claimed 5,000 victims and pocketing half a million euros in ransoms, were also arrested in Romania, another arrested in Kuwait and three in South Korea, according to Interpol.
The American justice also announced the seizure of 6.1 million dollars in cryptocurrency, corresponding to sums extorted by another member of the REvil group, the Russian Evguéni Polianine, 28 years old.
Attacks rançongiciel,
ransomware
in English, are a form of increasingly lucrative digital hostages.
Interpol believes that their financial impact continues to increase.
REvil is considered the most formidable group of cybercriminals.
Newsletter
Receive all international news directly in your mailbox
I subscribe
Follow all the international news by downloading the RFI application
google-play-badge_FR
Technologies
Internet
Cybercriminality