FBI Cleveland announced a significant victory against cybercrime by disrupting “Radar/Dispossessor,” a notorious ransomware group led by the online moniker “Brain.”
This operation dismantled three servers in the United States, three in the United Kingdom, and 18 in Germany.
Additionally, authorities seized eight U.S.-based criminal domains and one German-based domain.
The takedown was a collaborative effort involving the U.K.’s National Crime Agency, Bamberg Public Prosecutor’s Office, Bavarian State Criminal Police Office (BLKA), and the U.S. Attorney’s Office for the Northern District of Ohio.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access
Since its inception in August 2023, Radar/Dispossessor has quickly evolved into an international menace. The group targets small- to medium-sized businesses across various sectors: production, education, healthcare, and financial services.
Initially focused on U.S. entities, the FBI investigation revealed 43 companies worldwide as victims, including those in Argentina, Australia, Belgium, and Germany.
The ransomware employed a dual-extortion model, encrypting victims’ systems and exfiltrating data to pressure victims into paying ransoms.
Ransomware, a form of malicious software, encrypts data on a computer, rendering it unusable until a ransom is paid. Radar/Dispossessor exploited vulnerabilities such as weak passwords and lack of two-factor authentication to gain access to systems.
Once inside, the group obtained administrator rights and encrypted files and contacted victims to demand payment. The attackers threatened to release stolen data publicly if the ransom was not paid.
The FBI urges businesses targeted by ransomware to report incidents to its Internet Crime Complaint Center at ic3.gov or 1-800-CALL-FBI. The investigation is ongoing, and authorities are determined to bring those responsible to justice.
Download Free Cybersecurity Planning Checklist for SME Leaders (PDF) – Free Download
Cybersecurity researchers have uncovered a surge in the use of Advanced Encryption Standard (AES) encryption…
Kaspersky's latest report on mobile malware evolution in 2024 reveals a significant increase in cyber…
In a concerning trend, the frequency of scanning attacks targeting Internet of Things (IoT) devices…
Google is rolling out a new privacy-focused feature called Shielded Email, designed to prevent apps and…
Cybersecurity experts are warning of an increasing trend in fileless attacks, where hackers leverage PowerShell…
Unit 42 researchers have observed a threat actor group known as JavaGhost exploiting misconfigurations in…