According to the EU’s law enforcement agency Europol a complex ransomware network has been shut down. The operation to close the network was headed by Spanish police in cooperation with the agency. Eleven people have been arrested from Russia, Georgia and Ukraine.
The scheme planted malware on computers which accused the users of viewing illegal content – including child sexual abuse. They were then ordered to pay a fine before they were allowed access to the PC.
Investigators from Europol’s European Cybercrime Centre said the network had infected “tens of thousands” of computers worldwide. Estimated profits had been in the range of one million euros per year, the agency said. The gang had been receiving the money in a variety of ways – including using virtual currency such as Bitcoin, it said.
“By dressing the ransomware up to look as if it comes from a law enforcement agency, cybercriminals convince the victim to pay the ‘fine’ of 100 euros [$130; £85] through two types of payment gateways – virtual and anonymous – as a penalty for the alleged offence.” said a spokesperson.
“The criminals then go on to steal data and information from the victim’s computer. Since the virus was detected in May 2011, there have been more than 1,200 reported cases just in Spain, and the number of victims could be much higher.”
Europol suspects the head of the operation was a 27-year-old Russian man who had been in charge of the “creation, development and international distribution of the various versions of the malware”.
“He was arrested in the United Arab Emirates and is awaiting extradition to Spain,” said the agency.
Author Rob Waugh, We Live Security