Ukrainian Police Arrest Group Responsible for Large-Scale Ransomware Attacks Targeting Global Organizations

In a significant breakthrough in the fight against cybercrime, Ukrainian police have apprehended a group of criminals suspected of launching ransomware attacks against numerous large organizations across 70 different countries. The arrests shed light on a highly sophisticated cybercriminal network that had been operating since 2018, causing substantial financial losses and disruption to businesses worldwide.

Background of the hacker group

The origins of this hacker group trace back to 2018, during which they commenced a string of attacks that affected over 1,800 victims in 71 countries. This cybercriminal syndicate had developed techniques and advanced malware strains, demanding ransom payments amounting to hundreds of millions of dollars. Their victims included prominent companies like Norsk Hydro and a Dutch chemical company, resulting in significant financial and operational consequences.

Major attacks and accusations

The Ukrainian police have accused the hacker group of orchestrating large-scale attacks against major organizations, causing substantial disruption and financial losses. Unscrupulously exploiting vulnerabilities within their victims’ networks, the criminals targeted companies such as Norsk Hydro and a Dutch chemical company, inflicting significant damage to their operations and reputation.

Identification and arrest of suspects

Through meticulous investigative efforts, Ukrainian authorities have identified the leader of the hacker group as a 32-year-old individual, along with four of his most active accomplices. In a synchronized operation, Ukrainian police arrested all five suspects and subsequently conducted searches in 30 properties associated with them. During these searches, authorities seized digital devices, substantial amounts of cash, and even cryptocurrency holdings.

Crypto-Locking Malware Strains Used

The cybercriminals employed a range of sophisticated and potent crypto-locking malware strains to carry out their attacks. Among these were Dharma, Hive, LockerGoga, and MegaCortex. Exploiting vulnerabilities in victims’ systems, these malware strains effectively locked down crucial data, subsequently demanding ransom payments in exchange for decryption keys. The utilization of such malware strains demonstrates the group’s technical sophistication and their capability to cause severe harm to targeted organizations.

“Big Game Hunting” technique

The hacker group engaged in a strategy known as “big game hunting,” primarily targeting larger companies in search of significant ransom payoffs. By focusing on organizations with deep pockets, these cybercriminals sought to maximize their financial gains. Through their attacks, they instilled fear and uncertainty throughout the business community, as companies realized that no organization was immune to the threat of ransomware.

Group’s operation in Kyiv

The hacker group operated out of Kyiv, the capital city of Ukraine. Despite geopolitical developments such as Russia’s war of conquest in Ukraine, the group continued to conduct their criminal activities from the city. This highlights the challenges faced by law enforcement agencies in combating cybercrime across international borders.

Previous arrests and accumulated evidence

The recent arrests build upon evidence gathered in a previous round of detentions that took place in October 2021. During those arrests, Ukrainian authorities detained 12 “high-value targets” who were implicated in cyberattacks orchestrated by the same hacker group. The accumulated evidence from these arrests has significantly contributed to the current investigation, painting a clearer picture of the group’s infrastructure and modus operandi.

Tactics employed by the group

The hacker group used a variety of tactics to infiltrate victims’ networks and execute their ransomware attacks. These tactics included SQL injection attacks, password cracking, and sophisticated phishing campaigns. By exploiting vulnerabilities in the security measures of the target organizations, the cybercriminals gained unauthorized access to critical systems and carried out attacks that had far-reaching consequences.

The arrest of this hacker group marks a significant achievement in the global fight against ransomware attacks and cybercrime. The Ukrainian police’s diligent efforts demonstrate the commitment and determination of law enforcement agencies to tackle sophisticated cybercriminal networks. As investigations continue, it is hoped that the apprehension of these criminals will send a strong message to others involved in ransomware attacks. Nevertheless, the battle against cybercrime remains ongoing, and it is crucial for organizations and governments worldwide to strengthen their cybersecurity protocols and collaborate closely to enhance global resilience against this evolving threat.

Explore more

Ethereum’s Fragile Recovery Faces Resistance and Low Demand

The Ethereum ecosystem is currently navigating a treacherous landscape where price action struggles to align with the technical milestones achieved during the most recent network upgrades. While the shift to a more scalable architecture was intended to invite a surge of institutional and retail capital, the reality in 2026 shows a market plagued by indecision and a noticeable lack of

macOS 28 Drops Support for Encrypted Mac OS Extended Volumes

The landscape of digital storage has shifted dramatically over the past decade, leaving legacy file systems struggling to keep pace with the rigorous security demands of modern computing environments. With the release of macOS 28, the long-standing compatibility for encrypted Mac OS Extended (HFS+) volumes has officially reached its end of life, signaling a definitive transition toward the more robust

CapCut Named 2026 Leader in AI Social Media Content Creation

The rapid evolution of generative artificial intelligence has fundamentally altered the digital landscape, shifting the burden of high-quality video production from specialized studios to the palm of every creator’s hand across the globe. By mid-2026, the demand for short-form content reached an all-time high, necessitating tools that could keep pace with the volatile trends of social media algorithms. CapCut emerged

How Will AI and RPA Shape Desktop Automation in 2026?

The integration of cognitive computing with traditional robotic process automation has fundamentally altered the way desktop environments operate across global industries today. No longer confined to the rigid, rule-based scripts of previous cycles, modern automation tools now serve as dynamic, goal-oriented assistants capable of navigating the intricacies of fragmented software landscapes. This shift has allowed organizations to bridge the significant

UiPath Navigates AI Pivot Amid Market Skepticism

The transition from legacy robotic process automation to a sophisticated, agent-centric architecture has forced enterprise software giants to fundamentally rethink their value propositions in an era defined by autonomous reasoning. This paradigm shift represents more than a mere software update; it is a complete structural overhaul that seeks to bridge the gap between simple task execution and complex cognitive decision-making.