Suspected developer of Ragnar Locker ransomware arrested in Paris

The suspected developer of the Ragnar Locker ransomware strain is in custody in France and the malware’s IT infrastructure taken down after an international police operation, the Europol police co-operative announced Friday.

The gang behind the creation and distribution of this strain was responsible for numerous high-profile attacks against critical infrastructure across the world after emerging in 2019. According to the FBI, as of January 2022 it had hit at least 52 organizations across 10 critical infrastructure sectors.

Europol’s announcement today was the culmination of police action that started on Monday, including searches in Czechia, Spain and Latvia. But the statement said the investigation has its roots in the arrests in Ukraine just over two years ago of what it called two “prolific” ransomware operators.

The individual Europol called the “key target” was arrested in Paris on Monday, and his home in Czechia was searched. Five other suspects were interviewed in Spain and Latvia in the following days, Europol said. The statement doesn’t say what happened to them. But the person arrested in Paris has been brought in front of examining magistrates there.

The ransomware’s infrastructure was also seized in the Netherlands, Germany and Sweden, and the associated data leak website on Tor was taken down in Sweden.

The investigation was led by the French National Gendarmerie and included law enforcement authorities from the Czechia, Germany, Italy, Japan, Latvia, the Netherlands, Spain, Sweden, Ukraine and the United States.

Also this week, a white hat hacking group from Ukraine said it took down the IT infrastructure behind the Trigona ransomware.  

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs