According to our colleagues from France Inter, a vast police operation took place in Ukraine. It has led to the arrest of hackers who are suspected of working with the Egregor cybercriminal group, known for its ransomware. France took part in this operation with other European colleagues. The police were able to trace the ransoms, paid in bitcoin, to hackers in Ukraine who provided, among other things, logistical and financial support.
The Egregor group’s ransomware has been in circulation since September 2020 and recently hit the Ouest France newspaper, video game publisher Ubisoft and logistics company Gefco. The group operates on the principle of Ransomware-as-a-Service (RaaS), i.e. it provides its ransomware to other groups of hackers and takes a commission in the process.
Threats of data disclosure
Companies affected by the ransomware end up with their computers crippled and have to pay ransom to recover their data. Some are even threatened by hackers: if they do not pay, their data will be made public by being published on the web.
However, the arrest of the Ukrainian hackers appears to have had an effect on the publication site. According to security researcher Allan Liska, quoted by our colleagues at ZDNet, it has been offline since at least Friday.
According to a report by cyber security company Coveware, Egregor comes second in the ranking of the most common ransomware. The first place is occupied by the Sodinokibi group. The average amount of ransoms demanded by hackers is currently around $154,000 and 70% of affected companies are threatened with disclosure of their data.
In France, ransomware attacks more than tripled last year. ANSSI (the National Information Systems Security Agency) has had to deal with numerous appeals for help from impacted companies and has published on its site a series of tips for reacting well to a cyber attack.
Source: France Inter