Ukraine arrests ransomware gang in global cyber criminal crackdown

Ukrainian police have raided the headquarters of the notorious Cl0p ransomware gang, seizing computer hardware used in its operations along with the equivalent of $184,000, which is most likely ransom money.

According to Cybernews, the group has attacked several high-profile targets, mostly in the US and South Korea, including the Stanford University Medical School, the University of Maryland, and the University of California.

Cl0p was also reportedly adept at running a ransomware-as-a-service operation and had collaborated with other cybercriminal groups, especially when going after bigger targets such as oil giant Shell and the American Flagstar Bank.

As per reports, Ukrainian law enforcement stated that the suspects it rounded up during the raids were using the Cl0p ransomware, though it did not disclose whether they were members or only affiliates of the gang.

Cl0p shopped

Ransomware attacks have long been a threat for any large-scale network, though the frequency of the attacks has arguably increased during the pandemic, as businesses relax the protections around their corporate networks in order to facilitate remote working.

Oliver Tavakoli, CTO at cybersecurity company Vectra AI, believes that such law enforcement actions can eventually help shrink the ransomware ecosystem, since the increased likelihood of repercussions will discourage criminals from the business of ransomware.

“When periodic disruptions occur in the supply chain of ransomware and sometimes ransoms are reclaimed (as the FBI recently did with some of the Colonial Pipeline ransom payments), the business of ransomware itself becomes less lucrative and less people are drawn into it,” says Tavakoli.

Ukraine’s action could have geopolitical ramifications as well. With Ukraine-Russia relations at an all-time low, the arrest comes even as Russia continues to drag its feet when it comes to disrupting ransomware groups operating within its jurisdiction, such as the one that is thought to be behind the Colonial Pipeline attack.

Mayank Sharma
