Saturday, October 12, 2024
HomeRansomware3 Dangerous Ransomware Families Author Arrested in Poland and Seized the All...

3 Dangerous Ransomware Families Author Arrested in Poland and Seized the All Decryption keys

Published on

Malware protection

Authors of the 3 critical Ransomware Family Polski, Vortex, and Flotera has been arrested in Poland and authorities Seized their computer equipment including the Laptop and servers as well as the Private keys.

Tomasz T. – a Polish citizen who lives permanently in Belgium (known as Thomas or Armaged0n) responsible for conducting cybercrime such as DDOS attacks, sending malicious software to compromise the several computers and using ransomware to encrypt the files.

He used this ransomware to compromise thousands of computer on various Polish companies between 2013 and 2018.

- Advertisement - SIEM as a Service

Cybercrime official tracking him for several years since 2013 and he used payment cards linked to a technical bank account and he did many crime forms Belgium.

He was spreading this ransomware via email pretending to impersonate official correspondence from well-known companies, such as telecommunication providers, retailers, banks, etc.

Also Read: Hermes Ransomware Distributed Through Malicious Office Documents Embedded Flash Exploit

Earned $145,000 Using this Ransomware Family

Once victims infected with this ransomware, After the complete infection using this ransomware, all the victim’s files will be encrypted and her domain the ransom amount of USD 200 – 400.

He earned over $145,000 from various cybercrime by compromising the victim’s computer and all the payment has been made through bitcoins.

Later he exchanged the currency via Polish cryptocurrency exchange that is actually linked to his original bank account.

Seized all the equipment and prepared an Evidence

Polish Cybercrime has charged various compliant such as accepting and transferring funds from crimes, infecting the computer with malware such as Polish Ransomware, Vortex or Floter, influencing automatic data processing for financial benefits.

All these ransomware’s  Decryption keys have been collected from his computer and affected users form Polski, Vortex, and Flotera ransomware can large a complaint they can receive a decryption key for their files.

The suspect, questioned by the prosecutor, pleaded guilty to the charges he was charged with and made explanations.

After performing the procedural steps, the prosecutor filed a motion to apply to T. T. temporary detention for a period of three months. On March 16, 2018, the court upheld the motion of the prosecutor. Officials said.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication

Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication...

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Dark Angels Ransomware Attacking Windows And Linux/ESXi Systems

The sophisticated ransomware group Dark Angels, active since 2022, targets large companies for substantial...

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus

The RansomHub ransomware group tracked as Water Bakunawa, employs targeted spear-phishing to exploit the...