Particle.news

Download on the App Store

International Task Force Seizes Servers of Blacksuit/Royal Ransomware Network

The operation halts a group blamed for over $500 million in global damage ahead of today’s Hanover briefing on seized evidence.

Image
Image
Ermittler aus Niedersachsen haben in einer international koordinierten Aktion die Server einer auf Cybererpressung spezialisierten Bande beschlagnahmt. Die Gruppierung soll weltweit Schäden von mehr als 500 Millionen US-Dollar verursacht haben.

Overview

  • Investigators from LKA Niedersachsen and Staatsanwaltschaft Verden worked with U.S. Homeland Security and Europol to identify and seize the group’s servers at the end of July.
  • Shutting down the servers halted the group’s communication networks, malware distribution and public-facing platforms.
  • Blacksuit/Royal employed a double-extortion scheme by encrypting victims’ data, stealing copies and threatening publication or sale to force ransom payments.
  • Authorities secured extensive volumes of data during the operation for forensic analysis to identify and prosecute those responsible.
  • A press conference in Hanover at 12:30 p.m. today will unveil further details on the evidence and next steps in the investigation.