A hacker gang that breached various high-profile companies like computer component manufacturer ADATA and video game publisher Capcom within the last several years has been arrested by an international police force, according to law enforcement agency Europol.
An October 20 report by the government agency states that the ransomware group known as Ragnar Locker was brought to an end after 11 different countries came together to investigate and prosecute the hackers. The group is probably best known for taking responsibility for the November 2020 Capcom cyberattack that exposed hundreds of thousands of pieces of employee information, including names, emails, and passport details. It claimed to have stolen over 1TB of data; the publisher would later detail exactly what data was compromised, which included the personal and corporate information of current and former employees, financial details and sales reports, and developer documents. In total, the confidential data of roughly 390,000 people may have been exposed on the dark web thanks to the cyberattack.
But Ragnar Locker may be no more, following an elaborate, multi-country sting operation that took place between October 16 and 20 spanning Czechia, Latvia, Spain, Germany, the Netherlands, and more, during which the “key target” of the bunch was arrested in Paris and brought in front of the Paris Judicial Court. His Czechia home was searched and the gang’s infrastructure was seized across the globe. Meanwhile, five other suspects connected to the ransomware gang Ragnar Locker were also interviewed in Spain and Latvia.
An international police force, composed of 11 countries including Japan and the U.S., also took down Ragnar Locker’s ransomware—the malicious malware it uploads to get access to devices—and the website it used to leak stolen data.
“Prevention and security are improving, however ransomware operators continue to innovate and find new victims,” Edvardas Šileris, head of Europol’s European cybercrime center, said in the report. “Europol will play its role in supporting EU Member States as they target these groups, and each case is helping us improve our modes of investigation and our understanding of these groups. I hope this round of arrests sends a strong message to ransomware operators who think they can continue their attacks without consequence.”
According to Europol’s findings, Ragnar Locker isn’t just the name of the now-defunct group. It’s also the name of the ransomware the gang developed for its cyberattacks, including more recent ones against the Portuguese national carrier and an Israeli hospital. It used this malware to attack devices running Microsoft Windows, exploiting services like Remote Desktop Protocol to gain access to devices and data. So, while speculative, breaking into Windows PCs may have been how Ragnar Locker slipped through Capcom’s defense systems.
Kotaku reached out to Capcom and Europol for comment.
Capcom isn’t the only video game company to have been breached by hackers in the last few years. Earlier this fall, a new ransomware group known as Ransomed.vc claimed to have broken into “all of Sony systems.” Sony was hacked this past May as well, with a different cyberattacker group claiming to have accessed info on some 6,791 current and former employees.
Leave a Reply