Law enforcement agencies have successfully dismantled a major hacker network that caused billions in damages to companies worldwide. The group had been attacking corporate servers since 2018, targeting businesses in France, Norway, Germany, the Netherlands, Canada, and the United States.
The hackers used ransomware, a type of malicious software that locks company data and demands payment in cryptocurrency. Over the years, the group encrypted more than 1,000 servers, making it impossible for companies to access their own information until a ransom was paid. The total damages caused by their attacks have been estimated at over UAH 3 billion, which is roughly $80 million.
Authorities worked together across borders to neutralize the network. The operation included coordination between Ukrainian law enforcement, the US FBI, Europol, and other international partners. Several members of the hacker group have already been arrested and brought to justice, while the key leaders remain on an international wanted list. The US authorities have even offered up to $10 million for information leading to their capture.
Dragonfly strikes again: Russian state hackers hijack networks through old Cisco vulnerabilities
The investigation revealed that this network operated with high levels of organization. Each member had a specific role, from writing malicious software to breaking into corporate networks and managing illegal payments. The complexity of the operation shows that cybercrime can be as structured and coordinated as traditional criminal organizations.
Ransomware Attacks Used Advanced Techniques
The hackers used several well-known ransomware programs to carry out their attacks. These included LockerGoga, MegaCortex, HIVE, and Dharma, which block access to company servers and demand cryptocurrency payments to release the data.
Some members focused on developing these malicious programs, while others specialized in breaking into networks and deploying the ransomware. In addition, a group of participants helped launder the stolen money, making it more difficult for investigators to trace the illegal funds.
Social Security whistleblower Charles Borges resigns after warning of data security risks
One of the most active participants has been formally charged with serious cybercrimes, including illegal interference with computer systems, creating malicious software, and extortion. If convicted, this individual could face up to 12 years in prison.
Authorities have already arrested several members of the network in Ukraine. A foreign participant on the international wanted list was also extradited to the United States to face legal action. These actions highlight the global reach and cooperation required to tackle modern cybercrime.
The network’s attacks caused significant disruption to companies’ operations. By encrypting critical data, the hackers forced businesses to spend time and money to restore systems, adding to the financial losses. This shows how ransomware is not just a financial crime, but also a serious threat to business stability worldwide.
⚖️ DOJ announces takedown of RapperBot botnet responsible for over 370,000 cyberattacks
International Cooperation Leads to Success
The case demonstrates the importance of cross-border cooperation in fighting cybercrime. Multiple law enforcement agencies and prosecutors worked together to identify the hackers, track their activities, and bring them to justice.
The network had been active for more than six years, targeting companies in several countries and causing enormous economic damage. Investigators highlighted that the hackers operated like a well-organized criminal enterprise, with clear roles and coordinated actions.
Authorities stressed that international cooperation and advanced cyber investigation techniques were essential in neutralizing the threat. By combining resources and sharing information, countries were able to stop the hackers, arrest key members, and track down the leaders who remain at large.
This operation marks a significant achievement in the global fight against cybercrime. By taking down a network that caused billions in damages, law enforcement agencies sent a clear message that cybercriminals cannot operate without consequences.