RagnarLocker dark web sites seized in major crackdown
The FBI, Europol, and other agencies team up to take down RagnarLocker website
The operators of the RagnarLocker ransomware have had their website seized by the authorities, hopefully lessening the group's ability to spread chaos to victims.
Where once stood information on the encryptor and its victims, now stands a message saying “This service has been seized by a part of a coordinated international law enforcement action against the RagnarLocker group.”
The statement also claims that law enforcement agencies from the US, the EU, and Japan worked together on the operation.
No arrest announcements yet
Usually, when the police engage in operations such as this one, they go for both the people and the infrastructure. That includes servers, endpoints, and administrators/operators. In this instance, beyond the fact that the website was seized, we don’t know whether any servers were taken offline or whether any arrests were made. With ransomware operations, it’s also possible for law enforcement to obtain private keys to cryptocurrency wallets, as ransom payments are usually made in cryptocurrency.
In a statement given to TechCrunch, Europol spokesperson Claire Georges said the agency was involved in “ongoing action against this ransomware group,” without going into more details. A spokesperson for the FBI declined to comment, the report added.
RagnarLocker was first observed in 2020. Some researchers link it to Russia and claim it targets mostly organizations in the critical infrastructure industry. States and law enforcement organizations are particularly sensitive to attacks on critical infrastructure organizations and are actively pursuing hacking groups that target them. For example, in 2021, the FBI seized millions of dollars paid to DarkSide, the hackers behind the Colonial Pipeline attack.
RagnarLocker, the FBI warns, targeted at least 52 entities in the US last year.
Via TechCrunch
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.