Four arrested in major European cybercrime sting

Largest ever operation against ransomware botnets disrupts IcedID, Smokeloader, SystemBC, Pikabot and Bumblebee

Four people have been arrested in Ukraine and Armenia and more than 100 internet servers taken down or disrupted in a major sting operation targeting international cybercrime that has impacted thousands of people, Europol said on Thursday.

Carried out between May 27th and 29th, the European Union’s law enforcement agency called it “the largest ever operation against botnets, which play a major role in the deployment of ransomware”.

Dismantled botnets included IcedID, Smokeloader, SystemBC, Pikabot and Bumblebee, it added.

The sting, dubbed Operation Endgame, was initiated and led by France, Germany and the Netherlands. It involved several other countries, including Britain, the United States and Ukraine, Europol said in a statement.


“With the international Operation Endgame, our investigative authorities have succeeded in dealing the biggest and most significant blow against cybercrime to date,” German Interior Minister Nancy Faeser said in a statement.

The lengthy police investigation disrupted infrastructure “from which massive attacks with ransomware originate worldwide, in which data is captured, encrypted and then the victims are blackmailed,” Faeser said, adding that such crime caused significant economic damage to Germany.

“The thousands of victims (will be alerted) so that they can protect themselves from other ransomware attacks”, the French prosecutor's office said in a statement.

One of the arrests was made in Armenia and the other three in Ukraine, Europol said, adding that more than 2,000 domains were now under the control of law enforcement.

Malware allows cybercriminals to secretly connect to people's computers for malicious purposes.

One of the main suspects earned at least €69 million in cryptocurrency by renting out criminal infrastructure sites to deploy ransomware, according to investigators. – Reuters