Four people were arrested, infrastructure was dismantled and new financial sanctions were imposed. It is the result of the third phase of Operation Crono against the Lockbit Ransomware group.
French and British police arrested a suspected developer and two people linked to one of Lockbit's affiliated groups in a recent third raid on Lockbit. In Spain, at the same time, the police arrested the director of one of Lockbit's hosting services and a number of servers were seized. In addition, financial sanctions have been imposed on a person suspected of having links to both Lockbit and the cybercrime group Evil Corp.
Since Kronos began its first phase in February 2024, about a dozen people have been charged or arrested for their involvement in Lockbit operations. In addition, the international operation was able to take control of the underlying infrastructure used by Lockbit, seizing more than 200 cryptocurrency wallets and collecting large amounts of data that is being analyzed for further investigation. Many people are in demand internationally as well.
The Swedish police were for several years part of the operation because Swedish companies and organizations were also affected by Lockbit.
The continuation of the operation with new arrests is evidence of the strength of international cooperation. Committing crimes against Swedish prosecutors is not without risk simply because you yourself are in another country when you commit these crimes, says Björn Eriksson, head of the complex cybercrime division at NOAA's National Police Operations Department.
Facts about Operation Chronos
The international operation is the result of a complex investigation led by the UK's National Crime Agency as part of an international investigation team. The investigation is called “Operation Kronos” and was coordinated at the European level by Europol. The National Crime Agency has partnered with law enforcement agencies in nine other countries: France, Germany, Sweden, the Netherlands, the United States, Switzerland, Australia, Canada and Japan.
Ransomware is malicious software that encrypts files on a computer or system and demands payment to open them.
Ransomware as a Service (RaaS) is a model in which criminals sell or rent ransomware to others, known as affiliates, to carry out ransomware attacks. Often, RaaS services also include functions to pay ransoms and communicate with victims.
“Unapologetic writer. Bacon enthusiast. Introvert. Evil troublemaker. Friend of animals everywhere.”
More Stories
This is how much the President and Vice President of the United States earn
Melania on Donald Trump: “He is not Hitler” | the world
Major attack on Gaza – hospitals appeal for help