Oct 20, 2023 at 7:09 PM Update: 6 minutes ago
A major ransomware gang has been dismantled in an international police operation. The suspected leader has been arrested and the platform is off the air. Five of the group’s servers were seized in the Netherlands and Dutch investigators assisted in the investigation.
It concerns an international group of criminals. As far as we know, there are no Dutch nationals among the suspects. The European services Europol (police) and Eurojust (justice) announced the results of the action against the Ragnar Locker gang on Friday.
The main suspect was arrested in Paris last Monday. His house in the Czech Republic has been searched. Five other suspects were subsequently interrogated in Spain and Latvia.
The group’s site on the dark web, a protected part of the internet, has been taken down in Sweden. In addition to the Netherlands, servers have also been seized in Germany and Sweden.
Tens of millions of euros demanded
The ransomware, also called Ragnar Locker, has been active since December 2019. Its creators have infected and locked down computer systems. They also stole internal data.
They then demanded ransoms from the victims, both to unlock the systems and to return sensitive data. That amount could amount to tens of millions of euros. The makers of the ransomware also threatened to release all files if victims reported it.
168 organizations attacked
Detectives believe the group has attacked 168 organizations. Last year they hit Portugal’s national airline, TAP. A month ago they carried out a digital attack on a hospital near Tel Aviv in Israel.
In 2021, two other leaders of Ragnar Locker were already arrested in Ukraine. Last year, another suspect was arrested in Canada. During the follow-up investigation, detectives gained insight into the rest of the gang.
Beeld: Getty Images
Read more about: