Judicial and law enforcement authorities from seven countries have dismantled a Ukrainian ransomware group, seizing hundreds of digital equipment in the process, the European Union Agency for Criminal Justice Cooperation (Eurojust) announced in a statement on Nov. 28.
The perpetrators, believed to have affected over 1,800 victims in 71 countries, primarily targeted large corporations - bringing business to a standstill and causing hundreds of millions of dollars in losses.
The group was accused of compromising IT networks through brute force attacks, SQL attacks on data applications, and by stealing credentials through phishing emails with malicious attachments. Ransom notes were then presented to victims, forcing them to send Bitcoin to attackers in exchange for decryption keys.
Eurojust noted that law and judicial enforcement officers from France, Germany, Netherlands, Switzerland, Norway, and the U.S. assisted Ukraine in the investigation.
Between January 2022 and September 2023, 4,000 cyberattacks were recorded by Ukraine's Computer Emergency Response Team, mainly stemming from pro-Russian non-state actors targeting critical Ukrainian infrastructure and its banking sector.
Over the course of the war, Ukraine has invested heavily in its cyber defense capabilities and has increased its offensive cyber tactics targeting Russian assets.