FBI Cleveland announced a significant victory against cybercrime by disrupting “Radar/Dispossessor,” a notorious ransomware group led by the online moniker “Brain.”
This operation dismantled three servers in the United States, three in the United Kingdom, and 18 in Germany.
Additionally, authorities seized eight U.S.-based criminal domains and one German-based domain.
The takedown was a collaborative effort involving the U.K.’s National Crime Agency, Bamberg Public Prosecutor’s Office, Bavarian State Criminal Police Office (BLKA), and the U.S. Attorney’s Office for the Northern District of Ohio.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access
Since its inception in August 2023, Radar/Dispossessor has quickly evolved into an international menace. The group targets small- to medium-sized businesses across various sectors: production, education, healthcare, and financial services.
Initially focused on U.S. entities, the FBI investigation revealed 43 companies worldwide as victims, including those in Argentina, Australia, Belgium, and Germany.
The ransomware employed a dual-extortion model, encrypting victims’ systems and exfiltrating data to pressure victims into paying ransoms.
Ransomware, a form of malicious software, encrypts data on a computer, rendering it unusable until a ransom is paid. Radar/Dispossessor exploited vulnerabilities such as weak passwords and lack of two-factor authentication to gain access to systems.
Once inside, the group obtained administrator rights and encrypted files and contacted victims to demand payment. The attackers threatened to release stolen data publicly if the ransom was not paid.
The FBI urges businesses targeted by ransomware to report incidents to its Internet Crime Complaint Center at ic3.gov or 1-800-CALL-FBI. The investigation is ongoing, and authorities are determined to bring those responsible to justice.
Download Free Cybersecurity Planning Checklist for SME Leaders (PDF) – Free Download
Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian…
IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system…
The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache…
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage…
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions…
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through…