Suspected developer of Ragnar Locker ransomware arrested in Paris

Share post:

The suspected developer of the Ragnar Locker ransomware strain is in custody in France and the malware’s IT infrastructure taken down after an international police operation, the Europol police co-operative announced Friday.

The gang behind the creation and distribution of this strain was responsible for numerous high-profile attacks against critical infrastructure across the world after emerging in 2019. According to the FBI, as of January 2022 it had hit at least 52 organizations across 10 critical infrastructure sectors.

Europol’s announcement today was the culmination of police action that started on Monday, including searches in Czechia, Spain and Latvia. But the statement said the investigation has its roots in the arrests in Ukraine just over two years ago of what it called two “prolific” ransomware operators.

The individual Europol called the “key target” was arrested in Paris on Monday, and his home in Czechia was searched. Five other suspects were interviewed in Spain and Latvia in the following days, Europol said. The statement doesn’t say what happened to them. But the person arrested in Paris has been brought in front of examining magistrates there.

The ransomware’s infrastructure was also seized in the Netherlands, Germany and Sweden, and the associated data leak website on Tor was taken down in Sweden.

The investigation was led by the French National Gendarmerie and included law enforcement authorities from the Czechia, Germany, Italy, Japan, Latvia, the Netherlands, Spain, Sweden, Ukraine and the United States.

Also this week, a white hat hacking group from Ukraine said it took down the IT infrastructure behind the Trigona ransomware.  

The post Suspected developer of Ragnar Locker ransomware arrested in Paris first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways