Police Bust Ransomware Gang in Ukraine

Police in Ukraine said this week they arrested members of a major ransomware gang. From a report: The arrests mark the first time a law enforcement agency has announced a mass arrest of a prolific hacker group that had extorted Americans by either encrypting an organization's files or threatening to leak them to the public. The gang, known as Cl0p, has hacked a number of American targets, including the University of Miami, Florida, Stanford University, University of Maryland, and University of Colorado, demanding a payment to either keep their systems functional or to not publish material they were able to steal. The bust comes as ransomware has gone from a quietly pervasive cybersecurity problem to a broadly discussed national security issue, thanks to a series of high-profile attacks that have threatened to cripple some U.S. supply chains.

Ukraine's announcement coincided with President Joe Biden's meeting with Russian President Vladimir Putin in Geneva. Biden is expected to press Putin to take action against ransomware hackers who operate with impunity within Russia's borders. Ransomware has become a significant problem in the United States. Recent ransomware attacks briefly hobbled the Colonial Pipeline, shutting down the country's largest fuel pipeline for five days, and JBS, one of the country's largest meat suppliers. The majority of the most prolific ransomware gangs are believed to operate in Eastern Europe, and Russia in particular. Ukraine's cyber police announced they had arrested six people involved with Cl0p, and seized a number of computers, cars and about 5 million Ukrainian hryvnia ($185,000) in cash.

Re:

[K. S. Kyosuke]

U kraine now?

Make example - summary execution

[Anonymous Coward]

These people need to be executed as an example to the other hackers - it's the only way we will be able to stop this, it's too lucrative for a slap on the wrist to be any type of deterrent.

Re:

[Narcocide]

What makes you think they even caught the real hackers? The people doing this are too smart to get caught this way.

Re:

[iggymanz]

no, they're just dumb thugs that buy toolkits. What they do is traceable , and the governments of the world and their big corporate masters have had enough, it's bad for business and their cash flow. The jack boot is coming down.

Re:

[Baki]

They should be treated like ordinary thieves that caused large damage. A severe punishment, long jail time, is just, but making an example and death penality never is.

Making examples is always unjust, and if the justice system is not just, it will totally fail in the long run (and turn on its own citizens).

Good..

[e3m4n]

Now shove an oversized dildo in their ass, and use a padlock to strap it in place. They can remove it after paying the ransom for the padlock combination.

Re:Good..

[geekmux]

Now shove an oversized dildo in their ass, and use a padlock to strap it in place. They can remove it after paying the ransom for the padlock combination.

"This is the lockpicking lawyer, and what I have for you today, is fucked up folks."

"One is binding, got a scream out of two.."

Re:

[slashmydots]

Light them on fire
Sell them the extinguisher
Seriously though, they should execute them to send a message.

Re: Good..

[e3m4n]

Waterboarding them everyday for a year ought to turn their brains into PTSD mush. Then later just turn on a faucet to watch them piss themselves.

Re:

[sabt-pestnu]

Alas, while I can agree with the sentiment, it would do squat as a deterrent. Witness: murder sentences.

Re:

[Ol Olsoc]

Now shove an oversized dildo in their ass, and use a padlock to strap it in place. They can remove it after paying the ransom for the padlock combination.

There is prior art for this. One weird IOT doodad is chastity locks, controlled by an app. Well, hackers did their thing, and ransom-locked them https://www.techradar.com/news... [techradar.com] .

"You want your pecker back, comrade? send some bitcoin!" People are truly idiots

Small potatoes

[tomhath]

One of dozens of gangs that buy and use the software. The timing might not be a coincidence though; at most it's a warning to the other gangs that they could be next.

Re:

[kot-begemot-uk]

Indeed.

A positive sign though. Over the last 7 years everyone pointing at the fact that Ukraine and the Baltic states hold the lion share of Cybercrime on the European continent got screamed at, named and shamed as a Russian Troll. Well, reality finally bites. Now can we have some repeat performances please. Bonus points for a repeat performance in Riga or Vilnus. There are quite a few there too.

Shocked!

[Frosty Piss]

Iâ(TM)m shocked, simply SHOCKED! A ransomware operation in a former Soviet Republic? Itâ(TM)s simply unbelievable.

Re:

[geekmux]

Wow, what a random thing to have happened. Some other random things. US Keystone Pipeline - CANCELED RUS/UKR Pipeline - SANCTIONS REMOVED. Hunter B. No-prev-experience - PAID MILLIONS to sit on board of corrupt UKR energy company. Daddy B recent visit to region.

Where there's smoke, there's arson...

Re:

[geekmux]

Awww, your BDS, so delightful, brings out the paranoid delusions. Sad.

Read the parents post. Find something that isn't true.

(Don't take too long, Delusional. That dementia, ain't crawling anymore. It's walking. Sad.)

Re:

[sjames]

The implied claim that there is a proven connection between the statements. Now, what do I win?

Re:

[geekmux]

The implied claim that there is a proven connection between the statements. Now, what do I win?

An interview with Hunter Biden.

Microphone? No, I'm thinking a large marine battery and some jumper cables.

Rest assured you'll find a connection to the truth. CIA tells me it's somewhere between his taint and nutsack.

recruitment

[laktech]

or you mean the Ukraine held a recruitment event?

Re:

[oldgraybeard]

And Hunter Biden selling his art to anonymous buyers for 500k a pop now.

Re:

[youngone]

Yeah, it's terrible.
What Biden should have done was given him a job as an advisor, you know, advising on "political stuff" and all that.

Re:

[geekmux]

You can't make this shit up. Unbelievable. The in your face completely out in the open corruption ...

Where the fuck were you when the USPS was sabotaged by the Trump Administration!?

USPS still employs thousands. Over 600,000 in fact. Hopefully some of them are former Keystone pipeline workers.

And a Postmaster, is an appointed position. Seems Biden has found more profit cutting deals in Ukraine via Hunter, than to bother pushing for a new one.

Re:

[Anonymous Coward]

lol @ a trump supporter bitching about abuse of power, nepotism, dementia, and a cocaine-addicted kid!

Re:

[Anonymous Coward]

If you're referring to ransomware attacks, they come from everywhere. Always did and always will.

The difference between Ukraine and Russia here is that Ukrainian authorities bust the ransomware gang at least occasionally.

In Russia on the other hand they'd likely get protection by the state and authorities as long as they limit their criminal activities to the enemies of the Kremlin.

Cyber privateers would be a good name here.

No doubt ...

[PPH]

... Putin will offer to go in and clean that nest of miscreants out. Just on principle. No 'thank you' needed.

Ukraine influence

[Ritz_Just_Ritz]

I'm going to go out on a limb and say Biden has some "influence" on the Ukraine.

We won't be seeing anyone leaking those conversations and there won't be any media circus. It's great to be a Democrat.

Best,

Re:

[quonset]

We won't be seeing anyone leaking those conversations and there won't be any media circus. It's great to be a Democrat.

So it's like when the con artist confiscated the interpreter's notes [usatoday.com] from the meeting with his Russian handler and ordered them not to say anything about the meeting? The meeting at which, to this day, we have no idea what was discussed?

Re:

[geekmux]

We won't be seeing anyone leaking those conversations and there won't be any media circus. It's great to be a Democrat.

So it's like when the con artist confiscated the interpreter's notes [usatoday.com] from the meeting with his Russian handler and ordered them not to say anything about the meeting? The meeting at which, to this day, we have no idea what was discussed?

Every US President has the unique ability to declassify or classify pretty much anything they want, and pretty much on the spot. Enough of rubbing that TDS pebble of yours. The MSM ensured there's not even a drop of blood left anyway. Pointless, because it's quite irrelevant.

What the MSM has done, and continues to do today, is what is relevant, whether you like it or not. One would think they would see how unacceptable their actions are based on their tanked ratings, but hey we all knew they are ignoran

Re:

[AATheorist]

Did you mean me, the guy spreading truth? I mean no harm. I am just connecting various true events. Sure, I have opinions but I didn't share it. I didn't feel a need to call anyone names. I'm just a humble peddler of truth. Do what you want with these truths.

Ukraine is not "within Russian borders"

[superwiz]

In fact, the article summary clearly states that the police seized 5 million "hryvnia" (a Ukrainian rather than Russian currency). Was Biden supposed to pressure Putin to invade Ukraine?

Re:

[qaz123]

They can't miss the chance to demonize Russia. It's obligatory to mention Russia every time even if Russia is not involved

Re:

[sjames]

No, it's just useful to Americans that don't want to be ransomwared that the Ukraine couldn't resist a chance to show up Putin.

Re:

[superwiz]

That's quite a spin. There isn't even a hint of that in the summary. I'll go with the more obvious explanation, the one suggested by the other comments. It's meant to continue the baseless narrative that the Russian government is behind some hacks on the US infrastructure. The narrative is around, of course, to continue propagating the BIg Lie started by Hillary Clinton that she didn't lose the election fair and square and that Russia somehow "hacked the election." As long as the entire point of the De

Re:

[sjames]

You seem confused. Hillary conceded the election the night of when she saw the writing on the wall. It's Trump that to this day refuses to acknowledge that he lost.

Many Democrats and Democrat leaning voters see that pushing Clinton in the Primaries (perhaps the one Democratic candidate that couldn't beat Trump) was a huge blunder.

Re:

[AnilJ]

No no no no no. Hilarious "Hick"ary won the popular vote. She "won" as per democrats.

Re:

[superwiz]

Are you now trying to suggest that Hillary never blamed Russia for her electoral loss? I don't have amnesia, you know. I heard what she said. And you know full well that you are trying to pull out some gotcha out of this. Sophistry be damned. Lady Macbeth is what's brought the Democratic party to the state it's in right now. The party was too far left after Obama, but it was taken seriously. The shenanigans they pulled during Trump's administration have turned it into a complete joke. You can pretend

Re:

[superwiz]

f'ing slashdot. you are *NOT* fooling anyone who is paying attention.

Re:

[sjames]

You have not only moved the goalpost, you exchanged it for a basketball net. Congratulations for that extreme example, I guess.

I only said that Clinton acknowledged her defeat the evening of the election and Trump denies his defeat to this day. That is not a controversial statement of fact.

Re:

[fazig]

The article stated that this coincided with Biden and Putin meeting.

Generally 'coincidence' as a qualifier is used in cases where there's some similarity but no connection.


Now one might question why they felt the need to include that statement there if they even themselves qualify it as non related. But the spin people around here put on top of it makes me question if people's reading comprehension is really bad.

Re:

[superwiz]

Yeah, somebody is putting the spin on.

Someone didn't pay ransoms to the chocolate king

[thesjaakspoiler]

If you pay the corrupt chocolate king of Ukraine, you can get away with anything in the Ukraine.

"and Russia in particular"

[qaz123]

The majority of the most prolific ransomware gangs are believed to operate in Eastern Europe, and Russia in particular.

And why every time you single out Russia? Is this to demonize Russia?
"Somebody in your school stole X. For example John". Next time again: "Somebody in your school stole Y. For example John".

Arrested does not mean condemned in a court of law

[Max_W]

I know from another story on a local TV that these people use special portable machines which can destroy data on a hard disk by the electromagnetic impulse in one second.

They use if there is even just a knock on the door, as the data is backed up somewhere else.

They also use facade businesses to wash up the money like restaurants, art galleries, etc. I believe it is is not that easy to identify and eliminate these criminal groups. Besides they hold cash, and what it means in a poor country is not hard to imagine.

In my opinion it is like asking the government of Columbia: "Please stop the activity of drug cartels immediately." Obviously, it's easier said than done.

I think the only realistic way to achieve it is the international cooperation and co-develpoment with these lands, so that young people have other opportunities to advance in life.

Get the small fry to show they did something

[Laxator2]

In such situations the solution is to show that "they did something". For example when Google slurped WiFi passwords illegally, there was a lot of outrage from the public, so something had to be done.
What was done is that Google destroyed a few hard-disks and, presto, problem solved. Of course, no word about the data being copied in a whole bunch of other locations.
When it comes to gangs running ranswomware attacks on this scale, it should be clear that they work hand-in-hand with the corrupt law enforcemen

Re:

[cmseagle]

I know from another story on a local TV that these people use special portable machines which can destroy data on a hard disk by the electromagnetic impulse in one second.

They use if there is even just a knock on the door, as the data is backed up somewhere else.

If you're a cybercriminal and are at the point where the authorities physically knocking on your door, they probably have enough evidence to charge and convict you already. Destroying everything on your hard disks is likely only going to add "destruction of evidence" to your list of headaches.

Also, just encrypt your drives. That way you don't need to restore from backup every time the pizza guy shows up earlier than expected.

$30k each isn't much

[jago25_98]

Is it the right gang? They've only got $30k each and a car. This might be a lot for Ukraine