Four people were arrested and more than 100 servers taken offline in “the largest operation ever” against malware playing a major role in the deployment of ransomware, Europol announced Thursday.
Dubbed “Endgame”, this international operation had “a global impact on the ecosystem of ‘droppers'”, Europol said, designating a type of software used to insert other malware into a target system.
In addition to the four arrests made in Armenia and Ukraine, eight individuals linked to these criminal activities will be added to the list of Europe’s most wanted people.
This raid, coordinated between May 27 and 29 from the headquarters of the European Police Agency in The Hague, gave rise to nearly twenty searches in Armenia, Ukraine, as well as in Portugal and the Netherlands. Down.
More than 100 servers seized
More than 100 servers were seized in different European countries, the United States and Canada. It is mainly companies, authorities and national institutions which have been victims of the “malicious systems” dismantled, according to the European judicial agency, Eurojust. According to the Dutch police, they suffered damage amounting to “hundreds of millions of euros”.
“Millions of individuals were also victims because their systems were infected, which made them integrated” into this malware, Dutch police said in a statement.
Illegal cryptocurrency gains
According to the investigation, opened in 2022, one of the main suspects earned at least 69 million euros in cryptocurrency by renting criminal infrastructure for the deployment of ransomware, Eurojust detailed.
The authorities first targeted the groups behind the six malware families: IcedID, SystemBC, Bumblebee, Smokeloader, Pikabot and Trickbot.
These “droppers” are associated with at least 15 ransomware groups, the German Federal Criminal Police Office and the Frankfurt Public Prosecutor’s Office said in a joint statement.
ats/miro
