A European police task force have finally brought down the a ransomware gang that were behind the huge Capcom hack in 2020. If you don’t remember, this attack leaked employee information and unreleased game details on the internet and also prompted employees to come back into the office to prevent further leaks.
The group, Ragnar Locker, were apprehended all over Europe in raids conducted in Spain, Latvia, and the Czech Republic. This all started on October 16th when they were able to catch a key target in Paris which lead officials to searching his home in the Czech Republic.
Five other suspects were taken in and questioned in Latvia in Spain. While this was happening, equipment was being removed from locations in the Netherlands, Sweden, and Germany, which took down the site where leaks were being shared over the dark web.
Not only were the group behind the Capcom hack, they were also suspected of targeting a Portuguese airline and other targets.
If you aren’t familiar with tactics such as theirs, they have software installed on an unsespecting victim’s computer. It then propogates throughout a network until all, or at least critical, machines become infected. These computers are then encrypted and locked. Once that is done, the group will then extort the network stakeholders (mainly businesses, governments, critical service owners) into giving the group money in exchange for the decryption key. It can go a step further in that data can be leaked online if the stakeholders refuse to pay.
This investigation shows that once again international cooperation is the key to taking ransomware groups down. Prevention and security are improving, however ransomware operators continue to innovate and find new victims.
Europol will play its role in supporting EU Member States as they target these groups, and each case is helping us improve our modes of investigation and our understanding of these groups. I hope this round of arrests sends a strong message to ransomware operators who think they can continue their attacks without consequence.”
Europol’s European cybercrime boss Edvardas Šileris