Ukraine Cyber Police Crack Hacker Group

Together with law enforcement officers of the Republic of Korea and the United States of America, the Ukraine National Cyber Police have exposed a hacker group though to be responsible for the theft of $500 million from companies in South Korea and the United States.

The Ukraine's specialist police unit have arrested members of the hacker group who carried out ransomware attacks on several foreign companies as well as universities between 2019-21. They have detained six members of Cl0p, a ransomware gang that most recently was associated with attacks on Stanford University Medical School and the University of California.

With the help of the malicious program "Clop", the hackers had encrypted the data on the media of companies in the Republic of Korea and the United States. Later, they demanded ransom-money to restore access. The six arrested individuals have been charged under Ukrainian law with offenses related to unauthorised access to computers, automated systems, and telecommunication networks. The individuals face a maximum of up to eight years in prison if convicted on all charges.

In 2019, four Korean companies were attacked with the Clop encryption virus, as a result of which 810 internal servers and personal computers of employees were blocked. Hackers had sent e-mails with a malicious file to the mailboxes of company employees. 

After opening the infected file, the program sequentially downloaded additional programs from the distribution server and completely infected the victims' computers with a remote managed program "Flawed Ammyy RAT".  Using remote access, the suspects activated malicious software "Cobalt Strike", which provided information about the vulnerabilities of infected servers for further capture. The attackers demanded a "ransom" in crypto currency for decrypting the information. 

Unlike common ransomware attacks, which encrypt a large number of uninstalled PCs and servers, the Advanced Persistent Threat (APT) attack is aimed at a specific victim's computer network and infects the entire system with a ransomware program. Law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalising criminally acquired crypto-currencies. 

Police officers conducted 21 searches in the capital and Kiev region, in the homes of the defendants and in their cars. Computer equipment, cars and about $5m in cash were seized. The property of the perpetrators was alsdo seized.  In 2020, the Ukraine Cyber Police carried out ten international police operations to expose hacker groups, detained 326 online fraudsters and prevented 62 facts of breach of intellectual property rights.

 As noted in a message on the Cyber Police website, members of the exposed hacker groups also caused damage to the countries of the European Union, Great Britain and the United States. 

Ukraine Cyber Police:     Dark Reading:     Republic World:        Interfax:       AIN

You Might Also Read: 

A New Era Of Malware:

 
« Diversity In Cyber Security
Bad Cyber Security Behavior At Home Risks Being Taken Back To Work »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Evidian

Evidian

Evidian, a Bull Group company, is the European leader and one of the major worldwide vendors of identity and access management software.

Axiomatics

Axiomatics

Axiomatics provides dynamic authorization and access control solutions to protect critical data assets.

CloudCodes Software

CloudCodes Software

CloudCodes is a cloud security solutions provider focused on providing cloud security solutions to enterprise customers.

MetaFlows

MetaFlows

MetaFlows’ SaaS malware detection & prevention software passively analyzes the behavior and the content of Internet traffic.

Securely

Securely

Securely Ltd. is an IT consulting and services firm specializing in PKI solutions and products.

KOS-CERT

KOS-CERT

KOS-CERT is the national Computer Incident Response Team for Kosovo.

Digital Resolve

Digital Resolve

Digital Resolve delivers solutions that help companies maintain trust and confidence through proven and cost-effective fraud-protection and identity intelligence technology.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

Cervello

Cervello

Cervello is a leading provider of comprehensive and proven solutions to protect railways against cyber attacks.

ScienceSoft

ScienceSoft

ScienceSoft is a provider of software development and IT consulting services including Information Security.

Iron Bow Technologies

Iron Bow Technologies

Iron Bow Technologies is a leading IT solution provider dedicated to successfully transforming technology investments into business capabilities for government, commercial and healthcare clients.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

UNS Inc.

UNS Inc.

UNS is a top services partner for multiple leaders in the global cybersecurity industry – we do business in 40 countries, including the United States, Canada, Chile, and Colombia.

Commonwealth Scientific & Industrial Research Organisation (CSIRO)

Commonwealth Scientific & Industrial Research Organisation (CSIRO)

CSIRO is Australia's national science agency. We solve the greatest challenges through innovative science and technology.

Eviden

Eviden

Eviden is an Atos business that brings together its digital, big data and security business lines. It will be a global leader in data-driven, trusted and sustainable digital transformation.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.