- Four cybercriminals have been arrested through a joint police mission codenamed ‘Endgame.’ Three of them were found in Ukraine, while one was found in Armenia.
- These individuals are responsible for taking down 100+ servers and 2,000+ internet domains. The cost of damages caused by them runs in hundreds of millions of dollars.
- However, this operation is far from over. Europol confirmed that many more takedowns are about to come. For now, eight more cybercriminals have been added to Germany’s most wanted list.
Police coordinated by the European Union’s justice agency and police agencies have together taken down a massive international cybercrime gang.
The joint operation, which was codenamed ‘Endgame,’ included authorities from France, the Netherlands, Denmark, Germany, Ukraine, the US, and the UK.
On Thursday, the European Union’s judicial cooperation agency (Eurojust) called it the biggest international mission ever against cybercrime. Four important suspects have been arrested.
Three of the four arrested suspects were found in Ukraine and one was found in Armenia. Searches had to be carried out across Ukraine, Portugal, Armenia, and the Netherlands before the arrests could be made.
About the Operation
The Europol has not revealed much about the takedown—just that the above-mentioned four individuals were responsible for disrupting more than 100 servers and taking down over 2,000 website domains.
Emails were their most preferred way to spread ransomware and they used malware droppers like Pikabot, IcedID, SmokeLoader, Bumblebee, and Trickbot.
Note: Malware droppers are Trojan horses specially designed to install malware on a computer. Malware includes viruses and backdoors.
Their victims were not just limited to private bodies—government entities were also at risk. According to the Dutch police, the financial cost of the damage caused by these cybercriminals to the government and the public in general amounts to hundreds of millions of dollars.
Interestingly, they did not do it alone. They were also renting out their cybercrime infrastructure to other criminals.
One of the main suspects made a whopping 69 million euros ($74 million) just from renting. The police are continuing to monitor their transactions and have already received a legal nod to seize these assets.
What Happens Now?
The arrest of these four individuals is just the first step in what’s expected to be a long series of takedowns. As the Europol said in a statement, “Operation Endgame does not end today. New actions will be announced on the website Operation Endgame.”
The German authorities are looking for seven more people, who are believed to be a part of a cybercrime group responsible for spreading the Trickbot malware.
An eighth person is also on their list – this one’s suspected to be one of the leaders of the group behind SmokeLoader. According to Europol, these eight people have already been added to Germany’s most wanted list.
International Authorities Awake to Cyber Threats
This is not the first time a joint international police operation has disrupted cybercrime.
Just over a month ago (April 2024), a joint investigation led by authorities from 19 countries disrupted a notorious platform ‘LabHost’ that sold phishing kits to cybercriminals. Over 10 arrests were also made.
Furthermore, in February of this year, Britain’s National Crime Agency, Europol, the FBI, and a group of international police agencies (from Canada, Japan, France, etc.) nabbed the notorious cybercrime gang Lockbit, which was responsible for cyberattacks on over 1,700 organizations globally, spanning nearly every primary industry vertical.
The impact of these missions is far-reaching. It’s a strong statement against cybercriminals, telling them that no matter how smart they are, they can always be caught—and that crossing the border won’t solve their problems anymore.
Police organizations from around the world are wide awake to cybersecurity risks and are willing and able to work together.