More than UAH 3 billion in losses: hackers who attacked the world's leading companies are exposed

Brother

Since 2018, the defendants, using cryptographic viruses developed by them, have been attacking the servers of leading global companies. During the international police operation, law enforcement officers conducted more than 30 searches and stopped the activities of the group.

Operatives of the Cyber Police Department and investigators of the Main Investigation Department of the National Police, under the procedural guidance of the Prosecutor General's Office, conducted a multi-level special operation to neutralize an organized criminal group.

The Joint Investigation Team (JIT) also includes colleagues from Europol (the EU's law enforcement agency for countering international organized crime) and Eurojust (the agency coordinating the EU judiciary).

"Attackers attacked the world's most powerful companies in France, Norway, Germany, the Netherlands, Canada and the United States, starting in 2018. As a result of many months of painstaking work, Ukrainian law enforcement officers, with the assistance of colleagues from the United States, Norway, the Netherlands, Germany and France, identified the 32-year-old leader of the hacker group and his four most active accomplices," said Yuriy Vykhodets, head of the Cyber Police Department.

For hacker attacks, the defendants used independently developed malicious software, in particular several cryptographic viruses.

First of all, the attackers hacked the accounts of employees of the victim enterprise, using information from open sources and social engineering methods. Hackers used the assigned accounts to distribute malicious program code in the corporate ecosystem. Thus, the attackers gained access to the servers and stole information from them.

After that, the data on the victims' computers was encrypted and made unusable. For the decryption of information, members of an international hacker group demanded millions of payments in cryptocurrency.

For example, for the resumption of the servers of one of the leading chemical companies in the Netherlands, the attackers ordered to transfer 450 BTC (bitcoins) to a controlled crypto wallet, which is equivalent to 48 million hryvnia.

The men developed and updated malicious software, carried out hacker attacks, searched for so-called drops with crypto wallets to receive ransom, and distributed "earnings" among other members of the group.

It is established that for several years of criminal activity, attackers encrypted more than 1,000 servers of global enterprises and caused damage worth more than 3 billion hryvnias in terms of national currency.

To neutralize the criminal group and analyze digital data, more than 20 law enforcement officers from Norway, France, Germany and the US Federal Bureau of Investigation arrived in the capital. In the Netherlands, Europol created a special working group and a Virtual Command Post (VCP) to immediately analyze information obtained during investigative actions on the territory of Ukraine.

With the strong support of the special forces of the TOP, law enforcement officers conducted more than 30 authorized searches in the premises and cars of the defendants in the Kiev region, as well as in the Cherkasy, Rivne and Vinnytsia regions.

Computer equipment, cars, bank and SIM cards, "rough" records, as well as dozens of electronic data carriers and other evidence of illegal activities were seized, in particular almost 4 million hryvnias and cryptocurrency assets. The issue of seizure of the seized property is being resolved.

Investigators of the Main Investigation Department of the National Police opened criminal proceedings under Part 2 of Article 361 (Unauthorized interference in the operation of information (automated), electronic communication, information and communication systems, electronic communication networks), Part 2 of Article 361-1 (Creation for the purpose of illegal use, distribution or sale of malicious software or technical means, as well as their distribution or sale), and Part 4 of Article 189 (Extortion) of the Criminal Code of Ukraine. Three persons involved were notified of suspicion.

Investigative actions are continuing to establish the location of other members of the group. Additional qualification is possible based on the results.
