According to reports, French police, with help from other European countries, have arrested members of the Egregor ransomware group in Ukraine.

The names of those arrested have not been revealed yet, but they are believed to be affiliates of the Egregor group and not its authors. This ransomware group has infected over 200 victims and earned well in just a short span.

Police Caught Members of Egregor Group

Egregor ransomware, which started its operations in September last year, is believed to be the successor or an updated version of Maze ransomware, which shut down its operations in the same period. It's reported that many of the Maze group affiliates then moved to Egregor.

And now even the new group seems to be coming to an end. A few of the group's affiliates were reportedly arrested by French police in Ukraine, according to French radio station France Inter. It should be noted that those arrested are affiliates and not the ransomware's authors.

The distinction matters because Egregor operates on a Ransomware-as-a-Service model, where the makers of the malware are different from the distributors and the handlers of ransom payments. While the makers craft the malware, the distributors are the hackers and other adversaries who infect the target networks and encrypt their systems.

The proceeds from ransom payments are then collected by another member, who shuffles them through Bitcoin mixing services and safely passes them back to the makers and distributors. As per reports, it is the affiliates (distributors) who have been arrested, and their identities have not been revealed yet.

It's also reported that Egregor's C2 and data leak site have been offline since Friday, which suggests a dent has been made in their infrastructure. Regarding this, Allan Liska from Recorded Future, a cybersecurity firm, told ZDNet,

"While there has been no police banner, as there often would be in this case, it is unusual for ransomware actors as well-resourced as Egregor to have all of their infrastructures go offline at the same time."

Either way, Egregor has made enough of a fortune to retire on if things do not turn out well. The ransomware group is among the top 5 highest-earning groups, having squeezed somewhere between $40 and $50 million in ransoms from its more than 200 victims over that span.
