Tuesday, February 18, 2025
HomeComputer SecurityRansomware Affiliate Arrested for Selling Stolen Data of 300 Million People

Ransomware Affiliate Arrested for Selling Stolen Data of 300 Million People

Published on

SIEM as a Service

Follow Us on Google News

The Romanian National Police (Poliția Română) and the US Federal Bureau of Investigation (FBI) have recently arrested a ransomware affiliate with the help of Europol’s European Cybercrime Centre (EC3) for selling stolen data of 300 million people. 

Here the hacker has stolen this sensitive data from high-profile organizations and companies around the globe, including a large Romanian IT company by compromising their networks.

A partner of the extortionist group who is suspected of hacking into networks and stealing sensitive data has been arrested by Romanian law enforcement.

The suspect is a 41-year-old Romanian citizen, and he was arrested by law enforcement officials at his home in Craiova, Romania. The officials have claimed that the suspect was charged for:-

  • Art. 361 (Unauthorized interference in the operation of computers, automated systems, computer networks, or telecommunications networks)
  • Art. 361-2 (Unauthorized sale or dissemination of information with limited access stored in computers, automated systems, computer networks, or on media of such information)
  • Art. 362 (Unauthorized actions with information processing in computers, automated systems, committed by a person who has the right to access it)
  • Art. 182 (Violation of privacy)

Ransomware with blackmail

The network of a large Romanian IT company was targeted and hacked by the hacker since they deliver several IT services to the clients from several sectors like:-

  • Retail
  • Energy
  • Utility

Here the hacker stole sensitive data from the clients of the IT company and then deployed ransomware on the compromised network of the company.

The hacker has stolen the following data from the compromised network of the company:-

  • Companies’ financial information
  • Personal information about employees
  • Customers’ details
  • Other important documents

After settling all these data, the hacker encrypts all the data present on the systems of the compromised network and then demands a sizeable ransom payment in cryptocurrency.

Apart from this, on hacking forums for selling stolen personal data of users around the globe, Ukrainian law enforcement arrested 51 suspects during their infiltration operation that is dubbed as “DATA.”

The Head of the Department for Combating Crimes in the Field of Computer Systems stated:-

“The cost of databases ranged from 500 to 50 thousand hryvnias – depending on its content and commercial value. The attackers sold information on closed hacking forums, as well as on social networks and messengers. A total of 117 searches were conducted in different regions of Ukraine. As a result, more than 90,000 gigabytes of information were removed.”

Support of Europol

The EC3 of Europol have supported the whole operation and investigation by providing the following things:-

  • Analytical support
  • Cryptocurrency tracing
  • Malware analysis
  • Forensic support
  • For advance forensic support and to help with crypto-asset forfeiture deployed two of its experts to Romania.

During this investigation, more than 30 channels of illegal dissemination of information were blocked. However, currently, it is not yet known which group of ransomware the suspect was working with.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension

SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using...

Threat Actors Trojanize Popular Games to Evade Security and Infect Systems

A sophisticated malware campaign was launched by cybercriminals, targeting users through trojanized versions of...

New Research Aims to Strengthen MITRE ATT&CK for Evolving Cyber Threats

A recent study by researchers from the National University of Singapore and NCS Cyber...

New LLM Vulnerability Exposes AI Models Like ChatGPT to Exploitation

A significant vulnerability has been identified in large language models (LLMs) such as ChatGPT,...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Zacks Investment Data Breach Exposes 12 Million Emails and Phone Numbers

A cybersecurity incident at Zacks Investment Research has exposed sensitive data belonging to 12...

Indian Post Office Portal Leak Exposes Thousands of KYC Records

The Indian Post Office portal recently exposed the sensitive Know Your Customer (KYC) data...

Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide

A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials,...