Cyberpolice exposed a member of a hacker group involved in causing €40 million in damages to European companies
The attackers distributed malware that encrypted the data on the victims' equipment. A cryptocurrency ransom was demanded to restore access. The defendant was exposed in the course of an international police operation.
The member of the group was established by the employees of the Kyiv Cybercrime Office together with the Main Investigation Department of the National Police, employees of the Prosecutor General's Office and in cooperation with law enforcement officers of Germany, the Netherlands, the Federal Bureau of Investigation and with the support of Europol.
A 39-year-old citizen of Ukraine, currently living in Germany, has been involved in large-scale cyber attacks using the DoppelPaymer ransomware. Attacks with this virus have become possible thanks to the widespread EMOTET malware.
The ransomware was distributed through various channels, including through phishing and spam emails with attached documents containing malicious code - JavaScript or VBScript. Once on the equipment, the malware encrypted the data, and the attackers demanded a ransom to restore access.
Among the victims are almost four dozen European companies, critical infrastructure and industry. The total amount of damage reaches 40 million euros.
At the place of residence of the accused, law enforcement officers conducted a search. The equipment that was used in illegal activities has been removed. Also, searches took place in two apartments belonging to the attacker, in Kyiv and Kharkiv.
Currently, German law enforcement officers are identifying other members of the group. Investigative actions continue.
National Police of Ukraine