Romanian police have arrested five people suspected of having infected tens of thousands of computers in Europe and the United States in recent years by spreading two notorious ransomware families, Cerber and CTB Locker.
During Operation “Bakovia”, one of the largest police operations in the world, conducted by Europol, the FBI and the law enforcement authorities of Romania, the Netherlands, and the United Kingdom, officers raided six houses in eastern Romania and arrested five people, Europol announced on Wednesday.
The authorities seized a considerable number of hard disks, external storage devices, laptops, cryptocurrency devices, numerous documents, and hundreds of SIM cards during the raid.
One thing to note is that none of the five suspects was arrested for developing or maintaining the notorious ransomware strains; they were arrested for distributing CTB Locker and Cerber ransomware.
Based on CryptoLocker, CTB Locker, aka Critroni, was the most common ransomware family in 2016 and was the first ransomware to use the Tor anonymity network to hide its command-and-control servers.
Cerber ransomware was developed in March 2016 and works on the ransomware-as-a-service (RaaS) model, which has led to its widespread distribution and has allowed any would-be hacker to distribute the malware in exchange for 40% of each ransom paid.
While CTB Locker helped criminals collect $27 million in ransom, Cerber ransomware was rated by Google as the most criminal ransomware, earning $6.9 million in July 2017.
As with most ransomware, the CTB Locker and Cerber ransomware distributors used the most common attack vectors, such as phishing emails and exploit kits.
“In early 2017, the Romanian authorities received detailed information from the Dutch Ministry of High-Tech Crime and other authorities that a group of Romanian nationals was involved in sending spam messages,” said Europol in its press release.
“The spam messages were intended to infect computer systems and encrypt their data with the CTB-Locker ransomware, aka Critroni. Each email had an attachment, often in the form of an archived invoice, which contained a malicious file. Once this attachment was opened on a Windows system, the malware encrypted files on the infected device.”
Although the authorities have not yet published the true identities of those arrested, Europol has published a dramatic video of the arrests, in which armed officers can be seen storming the house of the suspects.