Ransomware Affiliate Arrested in Romania

Europol and the Romanian National Police on Monday announced the arrest of an individual allegedly involved in a ransomware operation targeting multiple high-profile organizations.

The suspect, a 41-year-old from Craiova, Romania, was arrested in the early hours of the morning at his house.

According to Europol, the individual was involved in the targeting of a large IT company in Romania that provides services to organizations in multiple sectors, including energy, retail, and utilities.

After managing to compromise the IT company’s network, the suspect allegedly stole data from its clients – both Romanian and international organizations – after which he deployed ransomware and encrypted the victims’ data.

Stolen information ranged from financial data and customer details to the personal information of employees and sensitive documents.

He then contacted the victim organizations to demand ransom payments, and also extorted them, threatening to make the stolen data public if they refused to pay up.

“The suspect would then ask for a sizable ransom payment in cryptocurrency, threatening to leak the stolen data on cybercrime forums should his demands not be met,” Europol says.

The United States Federal Bureau of Investigation (FBI) assisted Europol and the Romanian National Police with the investigation.

Related: Canadian Teen Arrested Over Theft of $36 Million in Cryptocurrency

Related: Europol Announces Arrests of 7 People Linked to REvil, GandCrab Ransomware

Related: 12 People Arrested Over Ransomware Attacks on Critical Infrastructure

Related: Dutch Police Arrest Alleged Member of ‘Fraud Family’ Cybercrime Gang