Ukraine Cyber Police Crack Hacker Group

Uploaded on 2021-06-28 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Together with law enforcement officers of the Republic of Korea and the United States of America, the Ukraine National Cyber Police have exposed a hacker group though to be responsible for the theft of $500 million from companies in South Korea and the United States.

The Ukraine's specialist police unit have arrested members of the hacker group who carried out ransomware attacks on several foreign companies as well as universities between 2019-21. They have detained six members of Cl0p, a ransomware gang that most recently was associated with attacks on Stanford University Medical School and the University of California.

With the help of the malicious program "Clop", the hackers had encrypted the data on the media of companies in the Republic of Korea and the United States. Later, they demanded ransom-money to restore access. The six arrested individuals have been charged under Ukrainian law with offenses related to unauthorised access to computers, automated systems, and telecommunication networks. The individuals face a maximum of up to eight years in prison if convicted on all charges.

In 2019, four Korean companies were attacked with the Clop encryption virus, as a result of which 810 internal servers and personal computers of employees were blocked. Hackers had sent e-mails with a malicious file to the mailboxes of company employees. 

After opening the infected file, the program sequentially downloaded additional programs from the distribution server and completely infected the victims' computers with a remote managed program "Flawed Ammyy RAT".  Using remote access, the suspects activated malicious software "Cobalt Strike", which provided information about the vulnerabilities of infected servers for further capture. The attackers demanded a "ransom" in crypto currency for decrypting the information. 

Unlike common ransomware attacks, which encrypt a large number of uninstalled PCs and servers, the Advanced Persistent Threat (APT) attack is aimed at a specific victim's computer network and infects the entire system with a ransomware program. Law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalising criminally acquired crypto-currencies. 

Police officers conducted 21 searches in the capital and Kiev region, in the homes of the defendants and in their cars. Computer equipment, cars and about $5m in cash were seized. The property of the perpetrators was alsdo seized.  In 2020, the Ukraine Cyber Police carried out ten international police operations to expose hacker groups, detained 326 online fraudsters and prevented 62 facts of breach of intellectual property rights.

 As noted in a message on the Cyber Police website, members of the exposed hacker groups also caused damage to the countries of the European Union, Great Britain and the United States. 

Ukraine Cyber Police:     Dark Reading:     Republic World:        Interfax:       AIN

You Might Also Read: 

A New Era Of Malware:

 
« Diversity In Cyber Security
Bad Cyber Security Behavior At Home Risks Being Taken Back To Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ID-SIRTII/CC

ID-SIRTII/CC

Security Incident Response Team for Internet Infrastructure in Indonesia.

INCIBE-CERT

INCIBE-CERT

INCIBE-CERT is the reference security incident response center for citizens and private law entities in Spain

Lynx Technology Partners

Lynx Technology Partners

Lynx Technology Partners is a full service, full life-cycle risk-based security consulting firm.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Kippeo Technologies

Kippeo Technologies

Kippeo is a security systems integrator providing innovative solutions that look at all the parameters and connect all the dots.

Blaze Information Security

Blaze Information Security

Blaze Information Security is a privately held, independent information security firm born from years of combined experience and international presence.

EPIC Insurance Brokers & Consultants

EPIC Insurance Brokers & Consultants

EPIC is an insuarnce broker and consultancy firm. Risk management services include risk consultancy and cybersecurity insurance.

Plug and Play Tech Center

Plug and Play Tech Center

Plug and Play is the ultimate innovation platform, bringing together the best startups and the world’s largest corporations.

WhiteHawk

WhiteHawk

WhiteHawk is the first online Cyber Security Exchange. We help you understand your cyber risk and match you to tailored and affordable solutions.

ControlMap

ControlMap

ControlMap is a software as a service platform with a mission to simplify and eliminate stress from everyday operations of modern IT compliance teams.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

Resourcive

Resourcive

Resourcive is the first Value Added Sourcing “VAS” consultancy. We deliver strategic IT sourcing solutions to mid-market and enterprise clients.

Apura Cybersecurity Intelligence

Apura Cybersecurity Intelligence

Apura is a Brazilian company that develops advanced products and provides specialized services in information security and cyber defense.

Panoptic Cyber

Panoptic Cyber

Panoptic Cyber are a team of elite Armed Forces Veterans who hold a wealth of experience in Information Security, Cyber Security, Data Protection and Risk Management.

Ampsight

Ampsight

Ampsight specializes in enabling cloud integration, securing data, and navigating complications that drive critical-mission success.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.