He is a 43-year-old Kazakh citizen and has been living in Alicante since 2014, when he arrived with his family in search of a more comfortable and sunnier life. She is a 41-year-old Estonian citizen and lives in Torrevieja with her partner and son. Both are regulars on the Dark Web, or dark (encrypted) Internet, where they met and kept in touch with other members of their organization, Ragnar Locker, which is dedicated to kidnapping data from large companies and demanding millions of dollars in ransom in return they could work again. “They did it with an important French hospital, which they completely blocked, jeopardizing the confidentiality of the data of all their patients, and they also did it with a large transoceanic container transport company, which completely paralyzed all deliveries,” explains the Head of the Technical Crimes Group of the Alicante Civil Guard, who handcuffed them in their respective homes in Alicante last week.
Researchers were able to prove that this hacker organization with branches in the Czech Republic, Ukraine, Germany, Latvia, Japan, the Netherlands and the USA stole more than 15 million euros in ransoms within four years. At least. Those arrested in Spain were people with extensive computer and programming knowledge, money launderers that the organization obtained through extortion, as well as virus (malware) inventors capable of destroying companies and depots for virtual Block wallets. “In the province of Alicante alone, technology crimes have increased by more than 500% from last year to this year,” warns the researcher.
More information
According to the Interior Ministry’s latest cybercrime report, there has been a noticeable increase in computer crime between 2018 and 2022. A total of 374,737 incidents were recorded in 2022, 22.7% more than the previous year. Of these, 89.7% are computer fraud (scams) and 4.3% are threats and coercion.
Neither he nor she had any criminal record, according to the researchers, who assure that this is the most common profile: “These types of organizations, whose leader was also arrested in the Czech Republic, are always looking for clean and clean people.” the can go unnoticed and lead a seemingly normal life,” they say. “They usually get into these groups through initiation tests that they propose to each other, such as attacks on specific companies; Once the challenge is presented, it is carried out, then they occur,” the researchers explain.
In the case of those arrested in Spain, he had a business as a cover, a virtual Bitcoin transaction machine in a shopping center in Alicante, according to investigators, who claim that he “also founded this company with funds from”. the blackmail of other companies.” She, on the other hand, had no known job. But both had a high standard of living, “even though there was no reason for it,” said the agents.
What influences the most is what happens next. So you don’t miss anything, subscribe.
Subscribe to
Camouflaged on the Costa Blanca
According to researchers, the so-called Costa Blanca has for years been a magnet for foreign citizens and members of organized crime seeking cover and the good life. “No company, large, small or medium, is safe from this type of criminal,” they warn; “It is important that they ensure they are protected: maintain Wi-Fi networks with the highest security measures, use strong passwords and verify that emails are sent from a real sender,” they recommend.
The two detainees in Spain, who never spoke on the phone and only maintained contact through cryptocurrency platforms, had attacked 168 companies (“a Portuguese airline, law firms, textile companies, health companies such as an Israeli hospital…”) with the members of Ragnar Locker: “The virus itself sends a message to the victim informing them that their data has been hijacked because it is encrypting.” [encriptan] deny their access and prevent them from carrying out their activities. They then demand a ransom of up to five million euros and give you a virtual wallet (a type of checking account) into which you have to make the deposit. Therefore, they are more likely to look for large companies with liquidity and many will pay out of fear of losing even more money and prestige as they are threatened with the publication of their customers’ data,” say the researchers.
At the same time, they warn that it is practically impossible to get back the money paid for the ransom “because they immediately escalate it and spread it across hundreds of virtual wallets.” One of them was found in the computer equipment confiscated in this operation from a Kazakh citizen from Alicante, with only 6,000 euros. “But it is very important because it is definitive proof of the activity they have carried out,” explains the person in charge of the operation, baptized by the name Bitazgo.
These are investigations that last for years due to their difficulty, as they require the participation of agents with advanced and sufficiently specialized computer skills. In addition, they often encounter ignorance or lack of preparation on the part of judges in this area, which makes it difficult to collect evidence in this parallel world, the digital one.
Those arrested are now facing multiple charges for alleged crimes against privacy, fraud, computer damage, criminal organization, money laundering, disclosure of secrets… with penalties that can reach up to ten years.
This international operation, involving Europol and Interpol, will dismantle one of the most active and damaging hacker groups previously investigated by the US FBI and the French National Gendarmerie.
Subscribe to continue reading
Read without limits
_