Europol Takes Down Ransomware Cybercrime Gang
February 14, 2013

Busted! Ransomware Cybercrime Gang Taken Down By Authorities

redOrbit Staff & Wire Reports - Your Universe Online

Europol announced on Wednesday that it has broken up a well-organized gang of cybercriminals that extorted millions of euros from online users in more 30 countries by persuading them pay phony police fines.

The group used a "ransomware" virus that locked victims´ computers, and then displayed messages claiming the action was taken by authorities based on the users´ abusive Internet usage. The message told victims they were under investigation for accessing child pornography or illicit file-sharing, and that a fine of 100 euros ($135) was required to unlock their computers, Europol said.

"It's impossible to know for sure how many citizens were affected by this, but we estimate hundreds of thousands of Europeans were," said Europol director Rob Wainwright during a news conference at Spain´s Interior Ministry in Madrid on Wednesday.

The "ransomware" virus used by the criminals had up to 48 different mutations to thwart users´ anti-virus software.

Spanish authorities said the cybergang had been operating from the Mediterranean resort cities of Benalmadena and Torremolinos, and had made at least 1 million euro ($1.35 million) per year in Spain alone.

Europol did not disclose how much the criminals might have gained in total from their online extortion, but Wainwright said that roughly 3 percent of the targeted victims had actually paid the fraudulent fines.

"If we take into account that the average fine was 100 euros ($130) and 3 percent...paid it, then the estimated damage is millions of euros," he said.

Francisco Martinez, Spain's secretary of state for security, said the cybergang´s leader was a 27-year-old Russian citizen, who was arrested in December while on holiday in the United Arab Emirates. Spain is seeking his extradition.

Last week, Spanish police arrested 10 other members of the group – 6 Russians, 2 Ukrainians and 2 Georgians – in Costa del Sol, a popular tourist destination in southern Spain.

These members primarily engaged in laundering the money collected from the fake fines in Spain and elsewhere and sending it to Russia via electronic payments, while the Russian citizen suspected of leading the gang was responsible for developing the ransomware virus, authorities said.

Europol did not disclose any additional details about the Russian citizen. Investigators said they are continuing to search for other possible cells operated by the criminal network outside of Europe.

Europol´s crackdown comes more than one year after the agency began its investigation in December 2011, after receiving complaints from six nations that had reported more than 20,000 victims of the ransomware virus.