He is a 43-year-old Kazakh citizen, living in Alicante since 2014, when he arrived in search of a more comfortable and sunny life with his family. She is a 41-year-old Estonian citizen, living in Torrevieja with her partner and her son. Both are common dark web or Dark Internet (encrypted), where they found each other and kept in touch with other members of their organization, Ragnar Locker, dedicated to kidnapping data from large companies and demanding million-dollar ransoms in exchange for returning them so they could work again. “They did it with an important French hospital, which they left completely blocked, while compromising the confidentiality of the data of all their patients, and they also did it with a large transoceanic container transport company, completely paralyzing all shipments” , explains the head of the Technological Crimes Group of the Alicante Civil Guard, who put the handcuffs on them last week in their respective homes in Alicante.
The researchers have been able to verify that in four years this organization of hackers, with branches in the Czech Republic, Ukraine, Germany, Latvia, Japan, the Netherlands and the United States, made off with a loot of more than 15 million euros in ransoms. At least. Those detained in Spain, with extensive computer and programming knowledge, were launderers of the money obtained by the organization through blackmail, as well as virus creators (malware) capable of blocking companies and virtual wallet depositories. “In the province of Alicante alone, technological crimes have increased more than 500% from last year to this year,” warns the researcher.
According to the last Cybercrime report published by the Ministry of the Interior, in the period from 2018 to 2022 there is a striking increase in computer crimes. In 2022, a total of 374,737 incidents were recorded, 22.7% more than the previous year. Of that figure, 89.7% corresponds to computer fraud (scams) and 4.3% to threats and coercion.
Neither he nor she had any kind of criminal record, according to the researchers, who assure that it is the most frequent profile: “This type of organizations, whose leader was also arrested in the Czech Republic, always look for people who are clean and who can pass unnoticed, with an apparent normal life,” they say. “Normally, they enter these groups through initiation tests that they propose to each other, such as attacks on specific companies; If once the challenge is posed, it is executed, they enter,” the researchers explain.
In the case of those arrested in Spain, he had a business as a cover, a virtual bitcoin transaction machine in a shopping center in Alicante, according to the investigators, who claim that, “in addition, he set up that company with money from the extortion to other companies.” She, on the other hand, had no known job. But both had a high standard of living, “despite there being no reasons to justify it,” according to the agents.
What affects the most is what happens closest. So you don’t miss anything, subscribe.
Subscribe
Camouflaged on the Costa Blanca
For years, the so-called Costa Blanca has become a draw for foreign citizens and members of organized crime seeking camouflage and the good life, according to researchers. “No company, large, small or medium, is safe from this type of criminals,” they warn; “It is essential that they ensure they are protected: maintaining Wi-Fi networks with the highest security measures, using strong passwords and verifying that emails are sent by a real sender,” they recommend.
The two detainees in Spain, who never spoke on the phone and only maintained contact through cryptocurrency platforms, had attacked 168 companies (“a Portuguese airline, law firms, textile companies, health companies such as an Israeli hospital… .”) along with the members of Ragnar Locker: “The virus itself sends the victim a message in which they inform them that their data has been kidnapped, because they encrypt [encriptan] their access and prevent them from carrying out their activity. Then they request a ransom of up to five million euros, they give them a virtual wallet (a kind of checking account) where they must make the deposit. That is why they tend to look for large companies with liquidity and many pay for fear of losing more money and prestige, since they are threatened with publishing their clients’ data,” the researchers say.
At the same time, they warn that recovering the money paid for the ransom is practically impossible, “because they immediately escalate it and disperse it across hundreds of virtual wallets.” One of those was found on the Kazakh citizen of Alicante in the computer devices seized in this operation, with only 6,000 euros. “But it is very important because it is definitive proof of the activity they carried out,” explains the person responsible for the operation baptized as Bitazgo.
These are investigations that last for years due to their difficulty, because they require the participation of agents with advanced and sufficiently specialized computer knowledge. Furthermore, at many times, they encounter the ignorance or lack of preparation of judges in this area, which increases the difficulty of obtaining evidence in that parallel world, the digital one.
Those arrested are now facing several accusations for alleged crimes against privacy, fraud, computer damage, criminal organization, money laundering, revelation of secrets… with sentences that could reach up to ten years.
With this international operation, which has had the participation of Europol and Interpol, one of the most active and harmful groups of hackers, which had already been previously investigated by the United States FBI and the French National Gendarmerie, is dismantled.
Subscribe to continue reading
Read without limits
_
#profitable #business #hijacking #company #data #million #euros #years