Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Spanish Police and Europol Bust Global “Ransomware” Operation

Police Bust Global Cybercrime Extortion Ring

MADRID – Spanish police and Europol have busted a global cybercrime operation that infected millions of computers with a virus that falsely accused victims of viewing child pornography and demanded a fine payment, officials said Wednesday.

Police Bust Global Cybercrime Extortion Ring

MADRID – Spanish police and Europol have busted a global cybercrime operation that infected millions of computers with a virus that falsely accused victims of viewing child pornography and demanded a fine payment, officials said Wednesday.

Police detained 11 people as part of the operation, including a 27-year-old Russian suspected of creating and distributing the virus, Europol director Rob Wainwright told a news conference in Madrid.

The virus locked computers in over 30 countries, mostly in Europe, and it demanded payment of a fine of 100 euros ($135) to return control to its user, he said.

The message generated by the virus used the logo of the national police force and the language of the country where the computer was based to accuse the victim of having viewed child pornography or pirated movies online, he added.

“This operation is the first major operation of its kind,” Wainwright said.

“This is an example of the evolving nature of cybercrime online, of how cybercrime is becoming more sophisticated.”

The authorities said the group raised millions of euros with its scam but could not yet cite a precise amount.

About three percent of those whose computers were infected by the virus paid the fine that was demanded.

Europol said in a statement that it was “the largest and most complex cybercrime network dedicated to spreading police ransomware.”

Police detained 10 people — six Russians, two Ukrainians and two Georgians — last week on Spain’s Costa del Sol as part of the investigation, said Spain’s secretary of state for security, Francisco Martinez.

The suspected author of the virus was detained while he was on holiday in Dubai in December, he added. He is currently awaiting extradition to Spain.

Of the 10 suspects detained in Spain, six have been remanded in custody while the investigation continues and the remaining four were released on bail.

They are accused of fraud, money laundering, forging documents and membership of an organised crime group.

The investigation remains open and further arrests are likely, police said.

The authorities began their investigation, dubbed “Operation Ransom”, in November 2011 after detecting the virus in six European countries.

The network created 48 different versions of the virus to ensure that it was not detected by anti-virus software, said Martinez.

So-called “ransomware” viruses, which try to make victims pay an on-the-spot fine, are becoming more prevalent but most strains only accuse people of pirating movies or music. Others scramble data that is only unscrambled when a fee is paid.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.