Global Action Targeting Mainstream Cybercriminals, Many of Whom Hail from Russia - Global enforcement actions target predominantly Russian cyber-offenders
International Crackdown on Russian Cybercriminals Accused of Ransomware Activities
In a coordinated effort, participating states have seized control of approximately 300 servers globally, with around 50 servers located in Germany. Additionally, 650 internet domains have been neutralized, significantly weakening the technical infrastructure of the culprits. This operation, known as "Operation Endgame," has also led to the confiscation of over 3.5 million euros worth of cryptocurrency.
In Germany, suspects are under investigation for organized extortion and membership in a foreign criminal organization. Authorities have issued international arrest warrants for 20 suspects, primarily Russian, with ongoing investigations in the country.
German Federal Criminal Police Office (BKA) President Holger Münch stated, "Our strategies are proving effective, even in the supposedly anonymous darknet." This operation represents a significant contribution to cybersecurity.
Rustam Rafailevich Gallyamov, a 48-year-old Moscow resident, is among the accused. He is charged with leading a cybercrime group responsible for the development and deployment of the Qakbot malware, a key component in the global ransomware ecosystem.
Other indictments have been unsealed, charging 16 Russians connected to the development and deployment of the DanaBot malware, another tool used within this criminal ecosystem. The suspects are linked to various malware strains such as Bumblebee, Hijackloader, Trickbot, Warmcookie, and Lactrodectus, commonly offered as "cybercrime-as-a-service."
While the identities of all 20 suspects have yet to be fully disclosed, the operation has targeted Russian nationals associated with these malware operations. German authorities have taken down 50 servers and 650 domains in Germany alone.
This operation represents a significant blow to the cybercrime activities of the accused individuals. The suspects are allegedly involved in running and providing initial access malware tools like Qakbot and DanaBot, integral components in the global ransomware ecosystem.
- The seizing of 50 servers in Germany and the neutralization of 650 internet domains as part of "Operation Endgame" marks a significant contribution to the employment policy of cybersecurity, especially against Russian cybercriminals involved in ransomware activities.
- In the context of the international crackdown on Russian cybercriminals, the implication of suspects in Germany for organized extortion and membership in a foreign criminal organization highlights the need for a robust employment policy in the realm of technology and general-news, particularly in the areas of crime and justice.
