An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries.
The threat actors are said to be affiliates of numerous ransomware operations, including LockerGoga, MegaCortex, HIVE, and Dharma. This cybercriminal operation is said to have led to the loss of hundreds of millions of euros.
The law enforcement operation occurred on November 21st, with coordinated raids in 30 locations in Kyiv, Cherkasy, Rivne, and Vinnytsia. As a result of the operation, police arrested the group's alleged ringleader and four of his accomplices.
Of particular interest is that Norway was involved in the operation, making cybersecurity researchers believe that this affiliate group may have been behind the Norsk Hydro attack, which involved the LockerGoga ransomware.
However, a threat actor disputed those rumors on the Russian-speaking XSS hacking forum, claiming that the affiliate group had nothing to do with the attack. The threat actor further claims to be the one who gave a police drone the finger in the below video of the law enforcement operation.
In other news, ransomware attacks have been surging, with further information about attacks being disclosed this week.