• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

FBI seized multiple piracy sites distributing pirated video games

 | 

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

 | 

Interlock ransomware group deploys new PHP-based RAT via FileFix

 | 

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

 | 

Experts uncover critical flaws in Kigen eSIM technology affecting billions

 | 

Spain awarded €12.3 million in contracts to Huawei

 | 

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

 | 

Wing FTP Server flaw actively exploited shortly after technical details were made public

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53

 | 

Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

McDonald’s job app exposes data of 64 Million applicants

 | 

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Hacking
  • Malware
  • Alleged developer of the Ragnar Locker ransomware was arrested

Alleged developer of the Ragnar Locker ransomware was arrested

Pierluigi Paganini October 20, 2023

A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation.

Yesterday we became aware of a joint law enforcement operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure. The police on Thursday seized the Tor negotiation and data leak sites, group’s infrastructure was located the Netherlands, Germany and Sweden.   

Ragnar Locker ransomware

The police arrested a malware developer who was involved in the Ragnar Locker ransomware operation.

The ransomware operation has been active since late December 2019, the FBI published two flash alerts to warn of the operation of the group.

In March 2022, the US Federal Bureau of Investigation (FBI) and CISA published a flash alert to warn that the Ragnar Locker ransomware gang breached the networks of at least 52 organizations across 10 critical infrastructure sectors.

“In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain and Latvia. The “key target” of this malicious ransomware strain was arrested in Paris, France, on 16 October, and his home in Czechia was searched. Five suspects were interviewed in Spain and Latvia in the following days.” reads the press release published by Europol. “At the end of the action week, the main perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining magistrates of the Paris Judicial Court.”

A distinctive action of the Ragnar Locker gang was to explicitly warn their victims against contacting law enforcement, threatening to publish all the stolen data.

The investigation started back in October 2021, at the time investigators from the French Gendarmerie and the US FBI, along with experts from Europol and INTERPOL were deployed to Ukraine to conduct investigative measures with the Ukrainian National Police, leading to the arrest of two prominent Ragnar Locker operators. 

“This investigation shows that once again international cooperation is the key to taking ransomware groups down. Prevention and security are improving, however ransomware operators continue to innovate and find new victims. Europol will play its role in supporting EU Member States as they target these groups, and each case is helping us improve our modes of investigation and our understanding of these groups. I hope this round of arrests sends a strong message to ransomware operators who think they can continue their attacks without consequence.” said the Head of Europol’s European Cybercrime Centre, Edvardas Šileris.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Ragnar Locker ransomware)


facebook linkedin twitter

Cybercrime Hacking hacking news information security news IT Information Security malware Pierluigi Paganini Ragnar Locker ransomware Security Affairs Security News

you might also like

Pierluigi Paganini July 15, 2025
FBI seized multiple piracy sites distributing pirated video games
Read more
Pierluigi Paganini July 15, 2025
An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    FBI seized multiple piracy sites distributing pirated video games

    Cyber Crime / July 15, 2025

    An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

    Hacking / July 15, 2025

    Interlock ransomware group deploys new PHP-based RAT via FileFix

    Cyber Crime / July 14, 2025

    Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

    Data Breach / July 14, 2025

    Experts uncover critical flaws in Kigen eSIM technology affecting billions

    Security / July 14, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT