In the short history of malware attacks, very few of the professional criminals responsible for them have ever faced charges.
Given the high crime rate and low incarceration rate, it’s easy to see why renegade criminals often operate out of countries with lax or nonexistent regulations and, in rare cases (take Russia, for example), with what seems like the government’s arrogant implicit acceptance.
The mastermind’s incarceration
So, it may have been a refreshing change of pace for Europol to announce on November 21 that it had apprehended the 32-year-old man described as the “ringleader” of a major ransomware campaign.
It becomes clear that this was no minor operation when you go deeper into the text. The capital of Ukraine, Kiev, saw raids on thirty properties, an event so momentous that it prompted the deployment of twenty prosecutors from the US, Norway, France, and Germany to lend a hand.
Strangely, all four of the alleged leaders of the ransomware organization were also said to be fluent in Soviet languages, even though the operation took place in Ukraine. While that doesn’t necessarily make them Russian citizens, the surprising tie to that nation’s language is worth noting.
Partners aren’t skilled in engineering.
The allegations against these individuals are more significant. If Europol’s announcement is to be believed:
“These virtual performers are known for particularly pursuing large corporations and effectively halting their businesses.” They employed a wide variety of viruses, including LockerGoga, MegaCortex, Hive, and Dharma, to launch their assaults.
In fact, LockerGoga, MegaCortex, HIVE, and Dharma rank among the most formidable malware families in history, even though a joint American-German operation breached Hive in 2022.
The charges leveled by Europol indicate that the attacks were highly effective in encrypting over 250 servers owned by different firms and demanding ransom payments totaling millions of euros.
The scale appears to be vast, even tremendous; it’s probable that this gang was responsible for some of the worst assaults in recent years. The long-term impact of the arrests is, however, more than suggested.
The identities of the individuals apprehended have not been released by Europol, although it is believed that they may have been involved in ransom transactions. What the arrests do not appear to include is anyone linked to the ransomware’s creation or its distribution through Ransomware-as-a-Service (RaaS) platforms.
The fact that these individuals weren’t really developing the ransomware—though they did utilize it to generate revenue—is a critical difference.
Based on information gathered during a raid in October 2021, twelve individuals were apprehended for targeting 1,800 victims in seventy-one countries with nearly identical ransomware variants, as reported by Europol. This led to the most recent operation.
So, in two raids, the cops have hit the members responsible for most of the attacks. The criminals responsible for developing the underlying programs, however, remain unimpeded. Unfortunately, this leaves little, beyond a rudimentary comprehension of surveillance techniques, to stop new affiliates from stepping into the breach left by the jailed individuals and launching new assaults using the same software.