Spanish Police Dismantles “Largest And Most Complex” Ransomware Ring

Spanish authorities, in cooperation with Europol, have arrested eleven people suspected of running “the largest and most complex” cybercrime network dedicated to ransomware.

Ransomware is an especially intrusive form of malware that pretends to originate from various law enforcement agencies (including FBI) and locks access to a computer, accusing the user of visiting illegal websites or violating copyright. It then demands a payment in order for the (nonexistent)  charges to be dropped.

According to the European Cybercrime Centre (EC3), part of Europol that coordinates cross-border law enforcement activities against cybercrime, the ransomware netted its creators profits in excess of €1 million (£862,000) per year.

Operation Ransom

This particular piece of malicious software, dubbed the “Police Virus” by the Spanish, demanded a ‘fine’ of €100, keeping the user’s computer hostage until the funds reached the hackers. At the same time, it also looked through user’s files in search of personal information.

A typical ransomware page

Since the virus was detected in May 2011, there have been more than 1200 reported cases in Spain alone. The Spanish Ministry of the Interior admitted that this malware could have affected “millions” of computers in at least 22 countries.

To combat the threat, Spanish authorities launched an international operation codenamed “Ransom”, led by the Technological Investigation Brigade of the Spanish National Police force and coordinated by Europol and Interpol, with additional support from Eurojust, the attachés of the Ministry of Interior of the Spanish Embassy in Moscow and the Spanish Embassy in the UAE.

The first to be arrested was a 27-year-old Russian national, responsible for the creation, development and distribution of the various versions of “Police Virus”. He was apprehended in the United Arab Emirates while on holiday, and is awaiting extradition to Spain.

Several days later, ten more members of the money laundering network were arrested in Costa Del Sol, including six Russians, two Ukrainians and two Georgians.

As part of the operation, police searched six offices, seizin IT equipment and credit cards which were used to cash out the ‘ransom’. According to EC3, money was laundered using various online gaming portals, electronic payment gateways, virtual currency and compromised credit cards.

It was then discovered that daily international money transfers were made through currency exchanges and call centres, ensuring that the funds arrived at their final destination in Russia.

The investigation is ongoing, and the Spanish authorities have said that “further arrests are not ruled out”.

How well do you know Internet security? Try our quiz and find out!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago