Multiple arrests as ransomware network closed down

A cybercrime network that has infected thousands of computers worldwide and netted around a million euros a year, has been closed down.

For information and advice about protecting your computer against viruses and spyware, click here

The network, which spread ransomware designed to extort money from innocent victims, was shut by Spanish authorities working closely with law enforcement agency Europol, accompanied by the arrest of 11 people from Russia, Georgia and Ukraine. The software planted on computers by the network claimed that the user had viewed illegal content, such as images showing child sex abuse, and levied a 'fine' before the computer could be unlocked.

In a statement, Europol said "By dressing the ransomware up to look as if it comes from a law enforcement agency, cybercriminals convince the victim to pay the 'fine' of 100 euros [$130; £85] through two types of payment gateways – virtual and anonymous – as a penalty for the alleged offence. The criminals then go on to steal data and information from the victim's computer." It continued "Since the virus was detected in May 2011, there have been more than 1,200 reported cases just in Spain, and the number of victims could be much higher."

The fraudulent proceeds had been received by the perpetrators in a variety of ways including using virtual currency such as Bitcoin. ATMs in Spain had also been used to withdraw money with compromised credit cards. One card was used to withdraw 26,000 euros.

A 27-year-old Russian man is believed by Europol to have been heading up the gang. He was arrested in the United Arab Emirates and is awaiting extradition to Spain. Six other Russians, two Georgians and two Ukranians were also arrested.

Written by

In partnership with