Help Net Security reports:
Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine.
Investigators also named the alleged organizer, a Russian national, and placed him on an international wanted list through INTERPOL. Foreign law enforcement agencies said the individual may have connections to activity associated with the Conti ransomware operation.
According to investigators, the two suspects specialized in technical intrusion activities used to prepare ransomware attacks. Their role centered on password extraction from protected systems using specialized software.
After obtaining employee credentials, group members accessed internal corporate systems and elevated account privileges inside company networks. Investigators said this access enabled further compromise of internal infrastructure.
Read more at Help Net Security.
