FBI claims success in taking down another major ransomware group


The FBI has announced that it has taken down the infrastructure belonging to a notorious ransomware operation known as Radar (AKA Dispossessor).

Even though the group doesn’t enjoy the same level of fame as the likes of LockBit or Black Basta, Radar was still a fairly formidable organization - the FBI’s announcement claimed it had hit 43 victim organizations located all over the world, including the US, UK, Germany, and many others. 

As a result of the operation, the FBI took down Radar’s website and seized a number of servers. The website now features an FBI message stating “This website has been seized”. In total, three servers in the US, three in the UK, and 18 in Germany were confiscated. Furthermore, the FBI took eight “criminal domains” in the US, and one in Germany.

Exploiting flaws

Radar’s modus operandi does not differ much from what we’re used to in the ransomware scene. 

The group, operated by a ringleader named “Brain”, employs the double-extortion tactic, by first stealing sensitive information from the victim organization, and then deploying the encryptor which renders the entire IT infrastructure useless. It then demands a ransom payment, usually in bitcoin or Monero, in exchange for the decryption key. 

If the company refuses, and instead restores its systems from a backup, the group threatens to release the stolen files online. From time to time, the group would also reach out to its victims via phone, it was said.

To access their target’s systems, Radar looks for vulnerabilities, weak passwords, and a lack of multi-factor authentication (MFA), the FBI confirmed. 

This is not the first time law enforcement has recently seized IT infrastructure belonging to ransomware operations, as a few months ago, police hit the LockBit cybercrime gang.

While the takedown is commendable, it will probably make little difference in the long run, as without any arrests, the perpetrators can just rebuild and continue their operations.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
