In a major international crackdown, law enforcement agencies have disrupted several major ransomware operations by dismantling their infrastructure and issuing multiple indictments.
Led by Europol and Eurojust, Operation Endgame took down 300 servers and neutralized 650 domains tied to ransomware and malware activity. The coordinated effort also resulted in 20 international arrest warrants and the seizure of over €3.5 million in cryptocurrency, bringing the total haul from the operation to more than €21.2 million.
The campaign targeted malware strains used for initial access, including Bumblebee, Lactrodectus, Qakbot, Hijackloader, DanaBot, Trickbot, and Warmcookie. These tools serve as entry points for ransomware attacks, enabling cybercriminals to infiltrate networks before deploying ransomware payloads.
“This operation shows law enforcement’s ability to strike back, even as cybercriminals evolve,” said Europol’s executive director, Catherine De Bolle. “By disrupting their support services, we’re cutting the ransomware chain at its origin.”
Authorities have also appealed for public assistance in identifying additional suspects tied to the disrupted infrastructure.
As part of the ongoing operation, the U.S. Department of Justice charged Russian national Rustam Rafailevich Gallyamov, 48, for leading a group that used Qakbot malware to infect thousands of systems globally. He allegedly provided access to co-conspirators who deployed high-profile ransomware strains including REvil, Conti, and Black Basta, and profited from ransom payments.
In a parallel development, 16 individuals have been indicted for developing and spreading DanaBot malware, which infected over 300,000 systems and caused an estimated $50 million in damages.
Kenneth DeChellis, special agent in charge at the Department of Defense’s Cyber Field Office, emphasized the threat DanaBot posed. “These actions disrupted a group that endangered sensitive networks and profited from stolen data,” he said. “We remain committed to defending our digital infrastructure.”
Operation Endgame marks one of the most significant global strikes against ransomware infrastructure to date, showcasing the growing capability and cooperation of international cybercrime enforcement.
Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.
News Source: ITPro.com
