Several cybercriminals were arrested in Ukraine last Tuesday (09), accused of being part of the group behind the Egregor ransomware, which is responsible for breaching several companies around the world, especially in France, including attacks on game developer Ubisoft, the industrial logistics group GEFCO and others.
According to France Inter radio, the French police, in partnership with the Ukrainian police, managed to find the suspects through blockchain records left by the ransom payment.
The French police investigation into Egregor started in September last year, after several French companies and organizations were attacked and their data compromised.
Kaspersky researchers consider Egregor an “aggressive ransomware”, which gives victims only 72 hours to pay the ransom for their encrypted data. If the company does not pay, the data is stolen and sold, or published for free, on dark web forums. This behavior is very similar to that of the recently retired Maze.
Security researchers at Digital Shadows believe that Egregor, a ransomware-as-a-service (RaaS), was developed by former members of Maze, the group responsible for several massive attacks during 2020.
“First seen on September 25, 2020, the ransomware variant Egregor has made considerable strides in the wake of Maze, another ransomware threat actor who stopped operations in October 2020,” writes product manager Lauren Place.
The French radio station does not say how many people were arrested in the operation, nor whether the defendants are responsible for the development of Egregor or are just a group that purchased Egregor ransomware services.
Source: France Inter.
See the original post at: https://thehack.com.br/integrantes-do-ransomware-egregor-sao-presos-na-ucrania/?rand=48873