Ukrainian police have swooped on five suspected members of a ransomware affiliate that targeted dozens of foreign companies and made at least $1m in profits.

Officers from the country’s Cyber Police Department and the Security Service (SBU), teamed-up with law enforcers in the US and UK to track down the gang, which is said to have hit more than 50 companies in Europe and America.

They arrested the alleged leader, a 36-year-old from Kyiv, his wife and three other co-conspirators.

According to Ukrainian police, the group targeted companies with phishing emails laden with ransomware.

They also sold IP address-spoofing services to other hackers to help them stay hidden while launching ransomware, information theft, DDoS and other attacks, the SBU said.

“Unlike ‘regular’ VPN services, which can be legally purchased and used, the services offered by this group had broader functionality. For example, they enabled the user to download viruses, spyware and other malware through the platform. It was an unlawful organization set up by criminals for other criminals,” the SBU explained.

“The investigation revealed that the organizers were Ukrainian citizens, including those wanted by foreign law enforcement agencies. They administered the service from personal computers, and, to avoid responsibility, disguised themselves under various nicknames in the darknet.”

Criminal proceeds were laundered using “complex financial transactions” via a number of online services, including some banned in Ukraine. Assets were then transferred to payment cards registered in false names, the SBU added.

According to the Cyber Police Department, one of the suspects is wanted in the UK after stealing bank card details from customers of British lenders and using them to buy goods online, which they later resold.

Ukrainian officers and police from the UK and US carried out nine searches in suspects’ homes and cars, seizing computer equipment, mobile phones, bank cards, flash drives and three vehicles

Leave a Reply