The cybercriminals associated with the Clop ransomware gang were arrested by Ukrainian law enforcement, and the infrastructure the gang has used in attacks targeting victims worldwide since at least 2019 was shut down.
According to the Cyberpolice Department of the National Police of Ukraine, the ransomware group is responsible for total financial damages of approximately $500 million.
The authorities stated that law enforcement has also managed to shut down the infrastructure from which the virus spreads and to block channels for legalizing criminally acquired cryptocurrencies.
Law enforcement officers conducted 21 searches in the capital and the Kyiv region, in the homes of the defendants, and in their cars.
The defendants face up to eight years in prison. Investigative actions continue, and procedural guidance is provided by the Office of the Prosecutor General of Ukraine.
However, it is not yet clear if the arrested persons are affiliates or core members of the ransomware operation.
The cybercriminals were arrested following an international operation in cooperation with law enforcement officers from the United States and the Republic of Korea.
The cybersecurity company Intel 471 stated that the Ukrainian authorities arrested only individuals involved in laundering money for the Clop gang since its core members are probably living in Russia.
It is believed that the overall impact on CLOP will be minor, although this law enforcement attention may result in the CLOP brand being abandoned.
Besides encryption attacks, the Clop ransomware gang was linked to the recent wave of Accellion data breaches, which led to a drastic increase in average ransom payments calculated for the first three months of 2021.
As Clop’s Tor payment site and data leak site are still operational, it appears that the Clop ransomware operation has not been completely shut down at this time.