Ukraine Cyber Police Crack Hacker Group

Uploaded on 2021-06-28 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Together with law enforcement officers of the Republic of Korea and the United States of America, the Ukraine National Cyber Police have exposed a hacker group though to be responsible for the theft of $500 million from companies in South Korea and the United States.

The Ukraine's specialist police unit have arrested members of the hacker group who carried out ransomware attacks on several foreign companies as well as universities between 2019-21. They have detained six members of Cl0p, a ransomware gang that most recently was associated with attacks on Stanford University Medical School and the University of California.

With the help of the malicious program "Clop", the hackers had encrypted the data on the media of companies in the Republic of Korea and the United States. Later, they demanded ransom-money to restore access. The six arrested individuals have been charged under Ukrainian law with offenses related to unauthorised access to computers, automated systems, and telecommunication networks. The individuals face a maximum of up to eight years in prison if convicted on all charges.

In 2019, four Korean companies were attacked with the Clop encryption virus, as a result of which 810 internal servers and personal computers of employees were blocked. Hackers had sent e-mails with a malicious file to the mailboxes of company employees. 

After opening the infected file, the program sequentially downloaded additional programs from the distribution server and completely infected the victims' computers with a remote managed program "Flawed Ammyy RAT".  Using remote access, the suspects activated malicious software "Cobalt Strike", which provided information about the vulnerabilities of infected servers for further capture. The attackers demanded a "ransom" in crypto currency for decrypting the information. 

Unlike common ransomware attacks, which encrypt a large number of uninstalled PCs and servers, the Advanced Persistent Threat (APT) attack is aimed at a specific victim's computer network and infects the entire system with a ransomware program. Law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalising criminally acquired crypto-currencies. 

Police officers conducted 21 searches in the capital and Kiev region, in the homes of the defendants and in their cars. Computer equipment, cars and about $5m in cash were seized. The property of the perpetrators was alsdo seized.  In 2020, the Ukraine Cyber Police carried out ten international police operations to expose hacker groups, detained 326 online fraudsters and prevented 62 facts of breach of intellectual property rights.

 As noted in a message on the Cyber Police website, members of the exposed hacker groups also caused damage to the countries of the European Union, Great Britain and the United States. 

Ukraine Cyber Police:     Dark Reading:     Republic World:        Interfax:       AIN

You Might Also Read: 

A New Era Of Malware:

 
« Diversity In Cyber Security
Bad Cyber Security Behavior At Home Risks Being Taken Back To Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Bryan Cave LLP

Bryan Cave LLP

Bryan Cave LLP is a global business and litigation law firm. Practice areas include Data Privacy and Security.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

Karlsruhe Institute of Technology (KIT)

Karlsruhe Institute of Technology (KIT)

KIT is a leading research and education institutions with strong capabilities in information systems and security.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

Jamcracker

Jamcracker

Jamcracker is a cloud services management and cloud governance solutions company, with more than a decade of experience providing industry leading software and services.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node is part of a national network designed to foster and accelerate cyber capability and innovation across Australia.

Smart Hive

Smart Hive

Smart Hive has created a platform that will allow organizations to share real-time, relevant and actionable threat intelligence among each other while maintaining confidentiality.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

riskmethods

riskmethods

riskmethods helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help.

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) protects Singapore from external threats and safeguards its interests in areas related to terrorism, cyber security, other transnational threats, and geopolitics

Block Harbor Cybersecurity

Block Harbor Cybersecurity

Block Harbor has worked closely with automakers, suppliers, and regulators since 2014 on vehicle cybersecurity.

FoxPointe Solutions

FoxPointe Solutions

FoxPointe Solutions is a full-service cyber risk management and compliance firm.

VT Group (VTG)

VT Group (VTG)

VTG delivers force modernization and digital transformation solutions that expand America’s competitive advantage in the modern battlespace.