Spanish Police, in collaboration with Europol’s newly-launched European Cybercrime Center (EC3), have managed to dismantle what it’s believed to be the largest and most complex cybercriminal ring responsible for spreading ransomware.
It’s believed the cybercriminals have managed to infect tens of thousands of computers and make a profit of over 1 million EUR ($1.34 million) per year.
Eleven individuals have been arrested as part of Operation Ransom, one of them, a 27-year-old Russian national, being suspected of developing and distributing various versions of the malware.
The Russian was arrested in the United Arab Emirates. He will be extradited to Spain in the upcoming period.
In addition to apprehending the mastermind of the operation, authorities have also dismantled the group’s largest financial cell, located in Costa del Sol, Spain. Six Russians, two Georgians and two Ukrainians have been arrested by Spanish police.
During the raids on six locations in the province of Málaga, investigators seized IT equipment, and credit cards that the crooks had used to cash out the money that their victims paid via MoneyPak, Ukash, and Paysafecard.
The financial cell was in charge of laundering the money they extorted from Internet users. Virtual coins, electronic payment gateways and even online gaming portals have been used by the crooks to launder the proceeds.
The suspects have also utilized hijacked credit cards to withdraw money from ATMs located in Spain.
Since May 2011, when the ransomware was first discovered, 1,200 cases have been reported in Spain alone. However, it’s worth noting that not all victims file complaints, so it’s likely that the number of affected users is much higher.
Besides Spanish police and Europol, the Interpol, attachés of the Ministry of Interior of the Spanish Embassy in UAR and the Spanish Embassy in Moscow, and Eurojust have also made a contribution to Operation Ransom.