Monday, February 10, 2025
HomeRansomware3 Dangerous Ransomware Families Author Arrested in Poland and Seized the All...

3 Dangerous Ransomware Families Author Arrested in Poland and Seized the All Decryption keys

Published on

SIEM as a Service

Follow Us on Google News

Authors of the 3 critical Ransomware Family Polski, Vortex, and Flotera has been arrested in Poland and authorities Seized their computer equipment including the Laptop and servers as well as the Private keys.

Tomasz T. – a Polish citizen who lives permanently in Belgium (known as Thomas or Armaged0n) responsible for conducting cybercrime such as DDOS attacks, sending malicious software to compromise the several computers and using ransomware to encrypt the files.

He used this ransomware to compromise thousands of computer on various Polish companies between 2013 and 2018.

Cybercrime official tracking him for several years since 2013 and he used payment cards linked to a technical bank account and he did many crime forms Belgium.

He was spreading this ransomware via email pretending to impersonate official correspondence from well-known companies, such as telecommunication providers, retailers, banks, etc.

Also Read: Hermes Ransomware Distributed Through Malicious Office Documents Embedded Flash Exploit

Earned $145,000 Using this Ransomware Family

Once victims infected with this ransomware, After the complete infection using this ransomware, all the victim’s files will be encrypted and her domain the ransom amount of USD 200 – 400.

He earned over $145,000 from various cybercrime by compromising the victim’s computer and all the payment has been made through bitcoins.

Later he exchanged the currency via Polish cryptocurrency exchange that is actually linked to his original bank account.

Seized all the equipment and prepared an Evidence

Polish Cybercrime has charged various compliant such as accepting and transferring funds from crimes, infecting the computer with malware such as Polish Ransomware, Vortex or Floter, influencing automatic data processing for financial benefits.

All these ransomware’s  Decryption keys have been collected from his computer and affected users form Polski, Vortex, and Flotera ransomware can large a complaint they can receive a decryption key for their files.

The suspect, questioned by the prosecutor, pleaded guilty to the charges he was charged with and made explanations.

After performing the procedural steps, the prosecutor filed a motion to apply to T. T. temporary detention for a period of three months. On March 16, 2018, the court upheld the motion of the prosecutor. Officials said.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

SHA256 Hash Calculation from Data Chunks

The SHA256 algorithm, a cryptographic hash function, is widely used for securing data integrity...

New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2

A recent analysis of over one million malware samples by Picus Security has revealed...

Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution

Researchers have uncovered a critical vulnerability in the Linux kernel, dating back seven years,...

Ransomware Payments Plunge 35% as More Victims Refuse to Pay

In a significant shift within the ransomware landscape, global ransom payments plummeted by 35%...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Ransomware Payments Plunge 35% as More Victims Refuse to Pay

In a significant shift within the ransomware landscape, global ransom payments plummeted by 35%...

NetSupport RAT Grant Attackers Full Access to Victims Systems

The eSentire Threat Response Unit (TRU) has reported a significant rise in incidents involving...

Cisco Data Breach – Ransomware Group Allegedly Breached Internal Network

Sensitive credentials from Cisco's internal network and domain infrastructure were reportedly made public due...