The Federal Bureau of Investigation’s Cleveland office announced on Monday the dismantling of a criminal ransomware cell that used servers and domains in the United States and two other countries.
An FBI news release on Monday said that Radar/Dispossessor, a group founded in August 2023, used ransomware to attack at least 43 small to medium-sized businesses across 13 countries.
Ransomware is malicious software that encrypts computer systems and holds them hostage until the victim pays a ransom.
According to the FBI, the group’s ransomware used a “dual-extortion model.” It not only encrypted the victims’ data but also copied and erased it from their systems, allowing the organization to “re-victimize” their targets by threatening to destroy or release the information to the public.
The crew identified insecure computer systems that had weak passwords or lacked two-factor authentication, a security feature that requires a second form of login verification, such as a text message or email.
They would then contact or email the firm's employees, sending them links to videos displaying their stolen data, “with the aim of increasing the blackmail pressure and increasing the willingness to pay,” according to the announcement.
They then put up a webpage that would reveal the victims' data and demanded a ransom payment before a countdown expired.
According to the announcement, the group’s leader is known online as “Brain.”
The FBI has dismantled the group’s network, which included three servers in the United States, three in the United Kingdom, and 18 in Germany, as well as eight illicit domains in the United States and one in Germany, according to the announcement.
According to the announcement, federal agents collaborated with the U.S. Attorney’s Office for Northern Ohio, the National Crime Agency, and Bavarian authorities on the operation.
The group’s ransomware has several forms, so it’s unclear how many businesses or organizations have been attacked, according to the announcement.
Anyone with information about Radar Ransomware or the group’s leader “Brain,” or whose business or organization has been targeted by ransomware or is currently paying a ransom to an online extortionist, should contact the FBI’s Internet Crime Complaint Center at ic3.gov or 1-800-CALL-FBI (1-800-225-5324).