Ukrainian cyber police arrest ransomware gang Cl0p


The Ukrainian cyber police have reported a blow against the criminal gang that caused enormous damage with the crypto-Trojan Cl0p (also known as Clop). Together with agents from the South Korean Federal Police, Ukrainian special forces carried out 21 searches in and around Kiev and provisionally arrested six people. They are charged with hacking and money laundering.

The defendants now face eight years' imprisonment in a Ukrainian prison. According to the statement from the Ukrainian cyber police, the gang had been active since at least 2019. At that time, it sent malware via email. For example, it found victims in Germany and South Korea who opened the email attachments, which triggered the download of the ransomware.

The ransomware encrypted the victims' systems, whereupon the perpetrators demanded a high ransom for decryption. If a victim refused to pay, for example because they preferred to restore from backups, the gang published the victim's data. This happened in more than 1,300 cases, including the Technische Werke Ludwigshafen (TLW) last year.

In Canada and the United States of America, too, the perpetrators broke into other people's computers. In the current year, for example, universities in Maryland and California as well as the support system of the security company Qualys were affected. Cl0p exploited vulnerabilities in Accellion FTA servers. These vulnerabilities can be exploited remotely without authentication to execute malicious code.

The raid on Cl0p

The total damage is said to amount to half a billion US dollars. Through international cooperation, investigators have shut down the criminals' infrastructure both for spreading the malware and for laundering the ransom money extorted in the form of cryptocurrencies, say the Ukrainian police.

The police confiscated several luxury cars, cash worth at least 150,000 euros and various electronic devices. A video shows excerpts of the raid. In addition to a lot of money counting and filling out of forms, you can briefly see officers trying to read out confiscated cell phones with a spy device from the Israeli forensics company Cellebrite.
