© 2021 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Intel by cybersecurity companies led to the arrests of Cl0p members


A multinational effort allowed authorities to zero in on members of a notorious ransomware gang. Private firms provided crucial intelligence, Interpol claims.

Mid-June, Ukrainian police reported uncovering a group of hackers who used ransomware software to extort money from foreign businesses in the United States and South Korea. Six individuals were arrested and their assets were seized.

Interpol released new details about the crackdown, codenamed 'Operation Cyclone,' an international police campaign led by authorities from South Korea, Ukraine, and the US.

The investigation targeted the Cl0p ransomware gang whose operators in Ukraine allegedly attacked private and business targets in Korea and the US by blocking access to their computer files and networks and then demanded ransom for restoring access.

According to a statement by Interpol, the operation was coordinated by agencies' Cyber Fusion Centre in Singapore, where stakeholders shared intelligence.

Private help

Numerous international cybersecurity firms helped police to gather and analyze the intelligence necessary to proceed with the arrests. Interpol noted the input from Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet, Group-IB, and Korea-based firms S2W LAB and KFSI.

"Despite spiraling global ransomware attacks, this police-private sector coalition saw one of global law enforcement's first online criminal gang arrests, which sends a powerful message to ransomware criminals [...]," Interpol's Director of Cybercrime Craig Jones is quoted in the press release.

According to the agency, the operation resulted in the arrest of six individuals and Red Notices, internationally wanted persons alerts, for another two.

Cl0p ransomware group is considered a 'big game hunter' attacker due to their volume. The group and its affiliates are credited with carrying out attacks against oil giant Shell, US bank Flagstar and others.

The group is a member of a larger conglomerate named TA505, and groups like F1N11 use ransomware Cl0p developed malicious software.

Golden age

Cyberattacks are increasing in scale, sophistication, and scope. The last 12 months were ripe with major high-profile cyberattacks, such as the SolarWinds hack, attacks against the Colonial Pipeline, meat processing company JBS, and software firm Kaseya.

Pundits talk of a ransomware gold rush, with the number of attacks increasing over 90% in the first half of 2021 alone.

The prevalence of ransomware has forced governments to take multilateral action against the threat. It's likely a combined effort allowed to push the infamous REvil and BlackMatter cartels offline.

Gangs, however, either rebrand or form new groups. Most recently, LockBit 2.0 was the most active ransomware group with a whopping list of 203 victims in Q3 of 2021 alone.

An average data breach costs victims $4.24 million per incident, the highest in the 17 years. For example, the average cost stood at $3.86 million per incident last year, putting recent results at a 10% increase.

Reports show that people most vulnerable to cybercrime tend to be adults over 75 and younger adults. Criminals were taking advantage of the uncertainty caused by the pandemic and the flood of new users to digital channels, who were especially susceptible to attack.


More from CyberNews

Are you one of 10.5 million users victimised by this app-based SMS scam?

US offers $10 million reward for information on DarkSide leaders

Conti apologizes for leaking Saudi royalty data, pledges a westward focus

Dark web drug dealer to spend eight years behind bars

Cybersecurity headhunters: recruiting an experienced professional is a challenge

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked