17 June 2021

Clop ransomware gang members arrested in Ukraine



An international operation conducted by Ukrainian police in conjunction with law enforcement officers from the United States and the Republic of Korea led to the arrest of six members of the Clop ransomware gang.

The suspects have been accused of running a double extortion scheme, threatening to leak victims’ sensitive information if the ransom demand is not paid.

According to the National Police of Ukraine, victims included Stanford University’s Medical School, the University of Maryland, the University of California and a number of unnamed Korean organizations.

The attacks involved the use of the Clop ransomware, as well as other hacking tools such as Cobalt Strike and FlawedAmmyy RAT, and caused estimated damages of up to $500 million, the Ukrainian police said in a statement.

The police carried out 21 raids in the Ukrainian capital of Kyiv, including at the homes of the defendants, resulting in the seizure of computer equipment, luxury cars, and 5 million hryvnias ($184,679) in cash. Law enforcement also shut down the infrastructure used to spread the malware and blocked channels for legalizing criminally acquired cryptocurrencies.

At present, it is not clear if the arrested individuals are affiliates or core members of the Clop ransomware operation. If convicted, each defendant faces up to eight years in prison for violating computer crime and money-laundering laws.
