A few days ago, the European Union Agency for Law Enforcement Cooperation/Europol announced that it had carried out a "major blow" against a ransomware organization called RagnarLocker. This is the hacker group that previously launched an attack on Capcom in 2020, affecting the data of about 400,000 people and demanding $11 million.
Capcom's attack isn't the most important thing, though. For Europol, RagnarLocker is a high-profile target for its attacks on "critical infrastructure" around the world, the latest targeting "Portugal's national airline" and "a hospital in Israel."
On October 16, the police arrested a "main target" of the group under investigation in Paris. Earlier, an international police "raid" also seized the organization's ransomware infrastructure in the Netherlands, Germany and Sweden.
Five other suspects have been questioned in Spain and Latvia. But police also suspect that the "main target" of the arrest is one of the group's founders, who was brought before the Paris Justice Court over the weekend.
According to Europol, the RagnarLocker organization mainly targets Windows devices and "usually uses public services such as Remote Desktop Protocol" to control the victim's system. After invading the system, the ransomware organization will "adopt a dual extortion strategy and require the victim to pay a ransom fee for decryption tools and sensitive information not to be disclosed." If they didn't pay, the group threatened to publish the stolen data on a dark web page called the "Wall of Shame." But Europol said the Sweden-based site had been shut down.