Cybercrime: indictment against suspected cyber extortionist
A Ukrainian suspect has been charged with malware use and ransom extortion. The man is said to belong to a globally active cybercrime group.
(Image: Gorodenkoff/Shutterstock.com)
The public prosecutor's office in Karlsruhe has brought charges against a cybercriminal. The man is alleged to have carried out cyberattacks on numerous German companies and institutions and extorted ransom money. This was reported by Spiegel Online on Monday.
The 45-year-old suspect was arrested in Bratislava in June last year after several years of international investigations by the Baden-WĂĽrttemberg State Criminal Police Office in cooperation with the Slovakian authorities and was extradited to Germany in September. According to prosecutors, the man is suspected of encrypting the data of 22 German companies and institutions with malware in 2019 and demanding a ransom for its release. Among those affected by the cyberattacks were the WĂĽrttemberg State Theatre in Stuttgart and several manufacturers of medical products. The data encryption and system failure caused an estimated economic loss of over 2.4 million euros.
Globally active cybercrime group
The public prosecutor's office has charged the suspected cybercriminal with gang and commercial computer fraud, among other things. According to the investigators, the man from Ukraine is a member of the globally active cybercrime group "GandCrab", which extorted money from its victims using encryption attacks. The economic damage caused by the group worldwide is estimated at more than 100 million euros.
The GandCrab ransomware has attacked countless Windows computers worldwide since 2018. The malware lurked behind fake software cracks and in fake job application emails, among other things. The blackmail Trojan also attempted to eat its way through various security vulnerabilities. At the beginning of June 2019, the developers of the malware announced its end. According to them, they were earning 2.5 million US dollars per week. GandCrab was presumably replaced by the malware "Revil".
Last year, a then 24-year-old man from Ukraine was sentenced in the USA to 13 years and seven months in prison and a fine of USD 16 million for his involvement in more than 2,500 ransomware attacks. In his cyberattacks, the man is said to have encrypted other people's computers with the Sodinokibi/REvil malware and demanded a ransom for the release of the data.
Videos by heise
Growing threat situation
The German security authorities have been warning for years about the growing threat and damage potential of encryption Trojans. Ransomware attacks pose a particular threat to critical infrastructure, including hospitals, energy and utility companies, as well as public administration and international supply chains.
Considering the threat situation, the Baden-WĂĽrttemberg Cybercrime Center at the Karlsruhe Public Prosecutor General's Office began its work in January 2024. It is responsible for particularly challenging cybercrime proceedings in the federal state, i.e. crimes that are directed against information technology systems or are carried out using computer and information technology. Last year, the Cybercrime Center was also involved in the arrest of the Ukrainian man now on trial in Slovakia.
(akn)
