Monday, May 20, 2024

Ransomware Affiliate Arrested for Selling Stolen Data of 300 Million People

The Romanian National Police (Poliția Română) and the US Federal Bureau of Investigation (FBI) have recently arrested a ransomware affiliate with the help of Europol’s European Cybercrime Centre (EC3) for selling stolen data of 300 million people. 

Here the hacker has stolen this sensitive data from high-profile organizations and companies around the globe, including a large Romanian IT company by compromising their networks.

A partner of the extortionist group who is suspected of hacking into networks and stealing sensitive data has been arrested by Romanian law enforcement.

The suspect is a 41-year-old Romanian citizen, and he was arrested by law enforcement officials at his home in Craiova, Romania. The officials have claimed that the suspect was charged for:-

  • Art. 361 (Unauthorized interference in the operation of computers, automated systems, computer networks, or telecommunications networks)
  • Art. 361-2 (Unauthorized sale or dissemination of information with limited access stored in computers, automated systems, computer networks, or on media of such information)
  • Art. 362 (Unauthorized actions with information processing in computers, automated systems, committed by a person who has the right to access it)
  • Art. 182 (Violation of privacy)

Ransomware with blackmail

The network of a large Romanian IT company was targeted and hacked by the hacker since they deliver several IT services to the clients from several sectors like:-

  • Retail
  • Energy
  • Utility

Here the hacker stole sensitive data from the clients of the IT company and then deployed ransomware on the compromised network of the company.

The hacker has stolen the following data from the compromised network of the company:-

  • Companies’ financial information
  • Personal information about employees
  • Customers’ details
  • Other important documents

After settling all these data, the hacker encrypts all the data present on the systems of the compromised network and then demands a sizeable ransom payment in cryptocurrency.

Apart from this, on hacking forums for selling stolen personal data of users around the globe, Ukrainian law enforcement arrested 51 suspects during their infiltration operation that is dubbed as “DATA.”

The Head of the Department for Combating Crimes in the Field of Computer Systems stated:-

“The cost of databases ranged from 500 to 50 thousand hryvnias – depending on its content and commercial value. The attackers sold information on closed hacking forums, as well as on social networks and messengers. A total of 117 searches were conducted in different regions of Ukraine. As a result, more than 90,000 gigabytes of information were removed.”

Support of Europol

The EC3 of Europol have supported the whole operation and investigation by providing the following things:-

  • Analytical support
  • Cryptocurrency tracing
  • Malware analysis
  • Forensic support
  • For advance forensic support and to help with crypto-asset forfeiture deployed two of its experts to Romania.

During this investigation, more than 30 channels of illegal dissemination of information were blocked. However, currently, it is not yet known which group of ransomware the suspect was working with.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.


Latest articles

Hackers Exploiting Docusign With Phishing Attack To Steal Credentials

Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make...

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that...

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices,...

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine,...

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers...

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information...

Russian APT Hackers Attacking Critical Infrastructure

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles