Gardaí help US take down ‘serious' cybercriminal gang behind $370m ransom payments
Key operational infrastructure, including the dark web leaks page and the victim negotiation site, as well as domains attributed to the international criminal network have been successfully removed.
Other law enforcement agencies including the United States Department of Homeland Security (DHS), US Secret Service, the FBI, as well as Dutch, German, UK and Ukrainian police, and Europol took part in the operation.
According to a Garda press release, the Blacksuit ransomware group are an organised crime gang responsible for the commission of ransomware and other 'serious cyber criminality internationally'.
'The Blacksuit ransomware group emerged in May 2023, as a result of the rebranding of the Royal Ransomware Group,' gardai said, 'itself originating from the Conti Ransomware Group, responsible for a number of serious ransomware attacks internationally.'
The Garda Assistant Commissioner for Organised and Serious Crime said they will continue to work with international law enforcement colleagues and private partners 'to identify, target and disrupt organised crime groups using the infrastructure to carry out ransomware and other forms of cybercrime'.
'Our work to date involving close collaboration with international partners, including this seizure and takedown of key online operational infrastructure will continue as part of our ongoing effort to keep people safe both on an offline.'
According to gardaí, dark web leaks page is a website maintained by a ransomware group on the darknet. It is where they publish the names of victims that refuse to pay a ransom or to engage with them.
A victim negotiation site is another site maintained by the threat actors. This is not generally accessible by the wider public, but is where the victims of a ransomware go to engage and communicate with the offenders.
In the US, authorities there said the operation resulted in the seizures of servers, domains and digital assets used to deploy ransomware, extort victims, and launder proceeds.
ADVERTISEMENT
'Disrupting ransomware infrastructure is not only about taking down servers, it's about dismantling the entire ecosystem that enables cybercriminals to operate with impunity,' said HSI Cyber Crimes Center Deputy Assistant Director Michael Prado.
'This operation is the result of tireless international coordination and shows our collective resolve to hold ransomware actors accountable.'
Since 2022, the Royal and BlackSuit ransomware groups have compromised over 450 known victims in the United States, including entities in the healthcare, education, public safety, energy and government sectors.
Combined, the groups have received more than $370 million in ransom payments, based on present-day valuations of cryptocurrency.
The ransomware schemes used double-extortion tactics — encrypting victims' systems while threatening to leak stolen data to further coerce payment.
'This investigation reflects the full reach of HSI's cyber mission and our commitment to protecting victims — whether they're small businesses, school systems, or hospitals,' said HSI Washington, D.C. acting Special Agent in Charge Christopher Heck.
'We will continue to target the infrastructure, finances and operators behind these ransomware groups to ensure they have nowhere left to hide.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Irish Daily Mirror
2 hours ago
- Irish Daily Mirror
Garda probe launched after gang of men burst into Limerick pub armed with knives
Gardaí have launched an investigation after a public order incident involving a number of men at a Co Limerick pub. On Sunday, a group of men are understood to have burst into a pub in Newcastle West at around 10pm armed with knives and bottles of chemicals, Limerick Live reports. No criminal damage or persons injured has been reported, at this time. The Irish Mirror's Crime Writers Michael O'Toole and Paul Healy are writing a new weekly newsletter called Crime Ireland. Click here to sign up and get it delivered to your inbox every week Gardaí confirmed that investigations are ongoing as they appeal for any witnesses to this incident to come forward. A Garda spokesperson told the Irish Mirror: "Gardaí in Newcastle West are investigating an incident of public order involving a number of males that occurred at a commercial premises in Newbridge, Co. Limerick on Sunday night 10 August at approximately 10pm." They added: "Anyone who was in the area at the time of the incident is asked to make contact with investigating Gardaí at Newcastle West. "Gardaí can be contacted at the Newcastle West Garda Station on 069 20650, the Garda Confidential Line on 1800 666 111, or any Garda Station." Subscribe to our newsletter for the latest news from the Irish Mirror direct to your inbox: Sign up here.
The 42
20 hours ago
- The 42
Eight-week ban for ex-Premier League referee over Jurgen Klopp comments
FORMER PREMIER LEAGUE referee David Coote has been given an eight-week suspension and told to attend an education programme over abusive words he used about ex-Liverpool head coach Jurgen Klopp. Coote was charged by the Football Association in June after the comments about Klopp came to light in a video circulated on social media last November. The FA said he had subsequently admitted the charge. Coote's misconduct was defined as an aggravated breach under the FA's rules because there was a reference to Klopp's nationality. Coote was sacked by Professional Game Match Officials Limited (PGMOL) last December, a month after the video filmed in July 2020 came to light. Advertisement PGMOL said in confirming Coote's dismissal last December that his position had become 'untenable'. In it, Coote is heard saying it had been 's***' to be fourth official at a Liverpool match in the summer of 2020, describing Klopp as a 'German c***'. He also said Klopp was 'f****** arrogant'. When the FA charged him over the Klopp comments in June, the governing body said Coote would face no further action in regard to separate allegations of gambling misconduct, which he had strenuously denied. The FA said those allegations had been fully investigated. Coote was banned by European football's governing body UEFA in February until June 30, 2026 after a different video emerged of him snorting a white powder through a bank note while in Germany for last summer's Euros. In January, Coote came out as gay in an interview with The Sun and said that a lifelong struggle to hide his sexuality had contributed to the rant about Klopp, and to his drug use. 'My sexuality isn't the only reason that led me to be in that position. But I'm not telling an authentic story if I don't say that I'm gay and that I've had real struggles with hiding that,' he said. 'I hid my emotions as a young ref and I hid my sexuality as well — a good quality as a referee but a terrible quality as a human being. And that's led me to a whole course of behaviours.' Coote's formal response to the FA charge was detailed in the regulatory commission's written reasons which were published alongside the confirmation of the sanctions imposed. He accepted his words about Klopp were 'crass, inappropriate and unworthy of the role that he held within the game' and asked the commission to accept that his decision not to attend the hearing was not made out of avoidance, but due to his mental state. Coote said the words did not respect his true view of Klopp, for whom he had always had a deep professional respect. The panel wrote: 'DC (Coote) stated that he felt an immense sense of shame. He had lost a career that formed the very core of his identity. He had lost all his income and the media attention had deepened his sense of humiliation and despair. 'He was trying to piece his life back together, from a place of near total collapse.'
The Irish Sun
20 hours ago
- The Irish Sun
Four Volkswagen executives sentenced in latest Dieselgate ruling – Can you still claim compensation?
*If you click on a link in this article we will earn affiliate revenue NEW CLAIM Four Volkswagen executives sentenced in latest Dieselgate ruling – Can you still claim compensation? A four year trial concluded when a German court sentenced four former Volkswagen directors for their part in the diesel cheating emission scandal uncovered in 2015. Two defendants received prison sentences, with the former head of diesel motor development receiving the heaviest term of four years and six months. 1 Many other car brands in the UK are also offering compensation Credit: Alamy While the trial might have been brought to a close, prosecutors are still uncovering how widely the scandal was known around the company. According to the Financial Times, criminal proceedings against a total of 31 defendants are still pending. Volkswagen is also facing a separate civil case, where it may have to pay damages for the effects dieslgate had on the markets. Currently, the emission cheating scandal has cost Volkswagen billions, with some of this money owed to UK drivers as compensation. Check Diesel emissions claims eligibility What was Dieselgate? In September 2015, the Environmental Protection Agency (EPA), an American environmental regulatory body, found a 'defeat device' in many US Volkswagens. This was a piece of software which would make the vehicle look less polluting than it was during emissions testing. Volkswagen later admitted that this software could be found in millions of vehicles worldwide - including models across the UK and Europe. In the UK, over 1.2 million diesels were recalled once the EPA found these devices. This included thousands of Volkswagens, Audis, and Skodas. However, Diesel Claim, a law firm, believes many other vehicle manufacturers are guilty of fitting these devices too. That includes Ford, BMW, Land Rover, Jaguar, Mercedes, Renault, and Nissan. Can I still claim compensation? Diesel Claim said UK drivers are due compensation for this scandal, and it is fighting the case for claimants in court. It believes it has affected the resale value of affected vehicles, led to higher fuel costs for consumers, and increased your carbon footprint - meaning drivers should receive a pay out. To be eligible to claim compensation through Diesel Claim, you need to have bought a diesel vehicle between 2009 and 2019. The vehicle must also have been manufactured between these dates. If you're unsure, you can type your vehicle's registration number into its claims checker. Claimants could receive up to £10,000 in compensation. Diesel Claim works on a no win no fee basis, meaning you won't need to pay any fees for joining. It's only if you're successfully awarded compensation that Diesel Claim will take a cut of your compensation.
