With the help of the FBI, German and Ukrainian police last week searched the properties of two suspected “core members” of a global cybercrime gang that has cost US victims tens of millions of dollars, European officials said Monday.
German police officers raided a German citizen’s house, while Ukrainian police searched properties in the capital Kyiv and the eastern city of Kharkiv, European Union law enforcement agency Europol said.
The news shows how US and European officials’ hunt for ransomware gangs continues despite the upheavals caused by Russia’s war in Ukraine – two countries where many alleged ransomware operatives are based. Moscow generally refuses to extradite hackers wanted in the US and Europe, while the war has caused some Ukrainian hackers to flee the country.
Ransomware is malicious software that locks computers, typically so that hackers can demand payment. While labeling ransomware a national security threat, the Biden administration has invested heavily in trying to arrest and sanction ransomware operators.
The law enforcement sting announced Monday targeted a crime group whose ransomware has reportedly been used in disruptive cyberattacks in 2020 on a German hospital and computer systems in Pennsylvania’s Delaware County.
The hack forced the German hospital, in the city of Düsseldorf, to reroute an ambulance containing a critically ill patient. The patient later died, but German prosecutors ultimately did not hold the ransomware gang responsible for the death.
The type of ransomware used by the hackers, known as DoppelPaymer, has “negatively impacted the provision of healthcare, emergency and education services to citizens worldwide,” the FBI said in a 2020 advisory to the US industry.
Europol and police in the German state of North Rhine-Westphalia credited the FBI for helping in in sting. It was not immediately clear what role the bureau played. CNN has requested comment from the FBI.
German police on Monday also announced arrest warrants for three alleged DoppelPaymer operatives who appear to be from Russia. One of the people, Igor Olegovich Turashev, was indicted in the Western District of Pennsylvania in 2019 on hacking wire and bank fraud charges and is wanted by the FBI.