Europol has made it public that it has arrested 5 Romanian nationals for spreading CTB Locker and Cerber Ransomware. The police in association with the US FBI and UK National Crime Agency is said to have conducted a joint operation last week to nab the nationals.
Romanian Directorate for Investigating Organized Crime and Terrorism(DIICOT) said that the arrests were made mid last week after receiving a tip-off from Dutch National Police and few private investors.
As per the details available to our Cybersecurity Insiders, the five arrested suspects are not ransomware authors but were mere distributors of the said malware.
Investigators learned from their investigation that the arrested Romanian nationals rented the Cerber and CTB Locker ransomware families from Ransomware-as-a-Service(RaaS) portal and then used to spread the malware through email attachments made to look like invoices i.e email phishing.
According to a report published in Forbes, the group is said to have kept 70% of the ransomware payment to themselves and passed on the remaining 30% to the RaaS portals.
DIICOT officers said that they arrested only three individuals on an initial note from Bucharest- Romania’s Capital. Many hard drives, laptops, external storage devices, cryptocurrency mining devices and other documents were seized by the law enforcement during the initial arrests of the 3 individuals. And the other two were picked up after interrogating the initial three.
Note- Ransomware is nothing but a malware variant which infects computer systems and locks down files from access until a ransom is paid to the developer or ransomware spreading cyber crook. The ransom payment is usually done in cryptocurrency i.e digital currency and most hackers accept only Bitcoin.
