17 June 2021

Clop ransomware gang members arrested in Ukraine


An international operation conducted by Ukrainian police in conjunction with law enforcement officers from the United States and the Republic of Korea led to the arrest of six members of the Clop ransomware gang.

The suspects have been accused of running a double extortion scheme, threatening to leak victims’ sensitive information if the ransom demand is not paid.

According to the National Police of Ukraine, victims included Stanford University’s Medical School, the University of Maryland, the University of California and a number of unnamed Korean organizations.

The attacks involved the use of the Clop ransomware, as well as other hacking tools such as Cobalt Strike and FlawedAmmyy RAT, causing estimated damages of up to $500 million, the Ukrainian police said in a statement.

The police have carried out 21 raids in the Ukrainian capital of Kyiv, including at the homes of the defendants, resulting in the seizure of computer equipment, luxury cars, and 5 million hryvnias ($184,679) in cash. Law enforcement also shut down the infrastructure used to spread the malware and blocked channels for legalizing criminally acquired cryptocurrencies.

At present, it is not clear if the arrested individuals are affiliates or core members of the Clop ransomware operation. If convicted, each defendant faces up to eight years in prison for violating computer crime and money-laundering laws.
