- Investigators succeed in defeating ransomware hacker group
Cybercrime investigators from Bavaria have reportedly dealt a successful blow to an internationally operating hacker group. Twelve suspected members of the group, Radar/Dispossessor, which has been active since August 2023, have been identified and the servers used by the group have been taken offline, according to the Central Cybercrime Office Bavaria and the Bavarian State Criminal Police Office.
The group is said to have primarily targeted small to medium-sized businesses and institutions with so-called ransomware. The criminals allegedly gained access to the IT systems of their victims through vulnerabilities, encrypted their files, and then demanded ransom.
The focus of these crimes was initially in the United States. During the investigation, a further 43 victims were identified in Germany, as well as in Argentina, Australia, Belgium, and Brazil, among others.
To apply pressure, the suspects are said to have sent videos containing stolen data to the victims and presented a website where they threatened to publish the data if no payment was made.
The suspects identified come from Germany, Ukraine, Russia, Kenya, Serbia, Lithuania, and the United Arab Emirates. An international arrest warrant has been issued for one suspect accused of specific crimes in Germany. The other suspects are being pursued in other countries.
Four companies in Germany were warned in time
In cooperation with the Federal Criminal Police Office, four German companies were warned in time before their files could be encrypted.
In an internationally coordinated action with the U.S. investigative agency FBI, investigators in Germany seized 17 servers, three in the UK, and five in the U.S. They also made eight criminally used domains inaccessible. This has taken down the IT infrastructure used by the criminals. The focus is now on identifying further participants and gathering information on more victims.
The investigation revealed that the hacker group used the Internet to communicate and coordinate their activities. After taking down the servers, analogous actions were planned against the group's online presence to limit their operational capacity.
