Leading enterprise in the Netherlands and Belgium attacked: police expose Russian hackers' accomplice

Leading enterprise in the Netherlands and Belgium attacked: police expose Russian hackers' accomplice

Kyiv  •  UNN

 • 14922 views

The 28-year-old native of Kharkiv region, according to police, collaborated with Russian hacker groups to disguise ransomware viruses as safe files, which were used to infect the company's computer networks in the Netherlands and Belgium with a ransom demand for decryption.

Cyberpolice and National Police investigators identified a Kyiv resident who, at the request of members of a Russian hacker group, disguised a ransomware virus as safe files. The hidden program was used by Russian hackers to interfere with the computer networks of a leading foreign enterprise, and the suspects demanded a ransom for decrypting the data. This was reported on Wednesday by the National Police, UNN writes.

Details

Law enforcers reportedly identified a 28-year-old native of Kharkiv region who cooperated with a Russian hacker group for a reward.

The police found out that the young man specialized in the development of crypto-coders - special software for disguising computer viruses as safe files. Thanks to his programming skills, the suspect could hide malware from the most popular antiviruses.

"One of the Russian hacker groups used the services of a Kyiv resident for a reward in cryptocurrency to disguise the Conti-malware ransomware virus. And at the end of 2021, members of the group infected computer networks of enterprises in the Netherlands and Belgium with hidden malware. As a result of these actions, they became unusable. The hackers demanded a ransom to decrypt the computers," the police said.

In the course of the investigation, cyber police reportedly identified the attacker as a member of the Russian hacker groups LockBit and Conti. They specialize in blocking the work of industrial enterprises by encrypting computer networks for ransom.

As part of the pre-trial investigation, a search was conducted in Kyiv. Also, following an international request from law enforcement agencies in the Netherlands, a search was conducted in Kharkiv region. Computer equipment, mobile phones and draft records were seized.

The investigation is ongoing, the issue of serving a notice of suspicion to the suspect under Part 5 of Art. 361 (Unauthorized interference with the operation of information (automated), electronic communication, information and communication systems, electronic communication networks) of the Criminal Code of Ukraine is being decided. The sanction of the article provides for up to 15 years in prison. Additional legal qualification is possible.