Two individuals have been arrested in Ukraine over suspected ransomware attacks for which ransom demands were set as high as €70 million ($81 million), Europol has announced.
The suspects are alleged to be members of an organized crime group “suspected of having committed a string of targeted attacks against very large industrial groups in Europe and North America from April 2020 onwards”, according to the law enforcement agency.
The arrests were made on 28 September during an operation that saw law enforcement search seven properties, resulting in the seizure of $375,000 in cash and two luxury vehicles worth around $250,000.
Assets of $1.3 million in cryptocurrencies have also been frozen, according to Europol.
Europol described the arrestees as “prolific ransomware operators” who were known for making “extortionate ransom demands” that ranged between €5 million ($5.8 million) and €70 million ($81 million).
The attackers deployed malware and stole then encrypted sensitive data, before offering a “decryption key in return for a ransom payment of several millions of euros, threatening to leak the stolen data on the dark web should their demands not be met”.
Ukrainian police were supported in the investigation by French law enforcement, the FBI, Interpol, and Europol’s Joint CyberCrime Action Taskforce.
Europol said it helped the agencies established a joint strategy, provided analytical, malware, forensic, and crypto-tracing support, and established a virtual command post to facilitate coordination.
The news comes against a background of increasingly frequent ransomware attacks, which have soared by 1,070% year on year according to a report published last week by security specialist Fortinet.