Topics
Latest
AI
Amazon
Image Credits:TechCrunch (screenshot)
Apps
Biotech & Health
Climate
Image Credits:TechCrunch (screenshot)
Cloud Computing
commercialism
Crypto
Authorities raiding the home of the alleged developer behind the RagnarLocker ransomware.Image Credits:Polizia di Stato(opens in a new window)
Enterprise
EVs
Fintech
fund-raise
gadget
bet on
Government & Policy
Hardware
layoff
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
surety
societal
Space
Startups
TikTok
Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
TV
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
An international group of law enforcement agencies have disrupted the ill-famed RagnarLocker ransomware procedure .
TechCrunch reported Thursday that an external law enforcement operation necessitate agencies from the U.S. , European Union and Japan had seized the RagnarLocker group ’s dark World Wide Web portal . The portal , which the gang used to extort its victims by publishing their stolen data point , now reads : “ This table service has been seized by a part of a organize international jurisprudence enforcement action against the RagnarLocker group . ”
RagnarLocker ’s infrastructure was also seized in the Netherlands , Germany and Sweden . allot to Eurojust , the EU means that ordinate criminal justice cooperation across the axis , a total of nine server were seized : five in the Netherlands , two in Germany and two in Sweden . Eurojust also report that it seized various cryptocurrencies , though their economic value is presently unknown .
Ukrainian government , who were part of the 11 - rural area surgical process , enjoin in a separateannouncementon Friday that its officers explore the premises of another RagnarLocker suspect near Kiev , and recovered laptops , mobile phones and other electronic media .
In a press release , Italy ’s Polizia di Stato ( State Police ) confirmed its involvement in the coordinated international exertion , which it called “ Operation Mole . ” The Italian jurisprudence enforcement agencyalso put out a videothat shows footage from a raid conducted by French , Italian and Czech law broker , presumptively in the house of the 35 - class - erstwhile human being they had arrested .
RagnarLocker is both the name of a ransomware striving and the criminal grouping that develops and operates it . The gang , whichsomesecurity experts have link to Russia , has been keep direct victims since 2020 , and has predominantly snipe organizations in the critical infrastructure sphere .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
In an alerting published last class , the FBI warned that it had identified at least 52 U.S. entity across 10 critical infrastructure sectors , include fabrication , energy and political science , that had been affected by RagnarLocker ransomware . At the same time , the FBIreleasedindicators of compromise associated with RagnarLocker , including Bitcoin addresses used to gather ransom money demands , and email addresses used by the gang ’s operators .
In its announcement on Friday , Ukraine ’s police say that since 2020 the RagnarLocker grouping had attacked and exfiltrated data from 168 international companies in Europe and the United States . The group demanded between $ 5 and $ 70 million dollars in cryptocurrency from its victim .
If a victim refused to pay up or notified jurisprudence enforcement of the trespass , the hacker would publish the victim ’s data on the group ’s since - seized dark World Wide Web web site .
“ Ragnar Locker explicitly warned their victims against contacting law enforcement , threatening to publish all the steal data point of victimise organisations seeking assist on its dark web ‘ Wall of Shame ’ wetting website , ” Europol said on Friday . “ Little did they recognize that law enforcement was closing in on them . ”
Although the gang has been under the alert eye of practice of law enforcement for some time , RagnarLocker has been targeting victim as recently as this month , according to ransomware trackerRansomwatch . In September , the bunch claimed obligation for an attack on Israel ’s Mayanei Hayeshua infirmary and threatened to leak more than a TB of data allegedly slip during the incident .
Lorenzo Franceschi - Bicchierai give reporting and writing . This article was first published on October 19 , and updated with new details and scuttlebutt from Europol and Italy ’s Polizia di Stato ( State Police ) .
Ragnarok ransomware gang shuts down and releases its decipherment key fruit
