December 2, 2023

The leak site of the prolific ransomware gang Ragnar Locker was replaced with a takedown notice from the FBI, Europol and a number of other law enforcement agencies in Europe on Thursday.

In a statement to Recorded Future News, a Europol spokesperson said they cannot release more details about the operation because “plenty of actions are still ongoing.”

“I can affirm that Europol is a part of an ongoing action against this ransomware group,” Europol deputy spokesperson Claire Georges said. “A communication is planned for tomorrow afternoon when all of the actions have been finalised.”

An FBI spokesperson declined to comment on the operation. If confirmed, this would be the latest in a string of ransomware gang takedowns this year — the Hive group notably had their infrastructure disrupted in January.

The FBI reported that from April 2020 to March 2022, the Ragnar Locker ransomware was responsible for attacks on at least 52 entities across 10 critical infrastructure sectors, including companies involved in manufacturing, energy, financial services, government, and information technology sectors.

Since 2019, the group has used the double extortion tactic — freezing access to systems and threatening to release stolen data — to extract as much money as possible out of victims.

The group has made waves over the years with several high-profile victims, including the largest airline in Portugal, a large Israeli hospital, Greece’s national natural gas operator and most recently corporate travel management firm Carlson Wagonlit Travel.

Emsisoft ransomware expert Brett Callow said Ragnar Locker has been active for a number of years, and might be one of the longest-running brands.

“While this disruption will seemingly not have a big impact on the ransomware landscape, it’s nonetheless another win for the good guys,” he said.

The FBI and European law enforcement agencies most recently took action against Qakbot — one of the most prolific and longest-running botnets. It had become the initial access method of choice for several high-profile ransomware gangs, including REvil, Black Basta, Conti, Egregor and MegaCortex.

Several other criminal marketplaces, cybercriminal infrastructure organizations and distributed denial-of-service (DDoS) attack platforms have also been dismantled by law enforcement agencies this year.

Jonathan Greig

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.