Suspects of UM ransomware attack allegedly arrested

Suspects of UM ransomware attack allegedly arrested

17-06-2021

MAASTRICHT. The Ukrainian police is said to have arrested suspects of many ransomware attacks, including the one on Maastricht University in 2019, technology website tweakers.net reported today. Apparently, houses were searched at 21 locations in Kiev and surrounding areas within the framework of an investigation into the criminal organisation behind the Clop ransomware.

The Maastricht Executive Board, which at the time paid two hundred thousand euro to buy themselves out of the situation, is aware of the fact, says vice president Nick Bos. “We have notified the Dutch police, but we are not getting ahead of ourselves. We don’t even know for sure if this is the organisation behind the attack on the UM.”

Maastricht University fell victim to a cyberattack on the night of 23 into 24 December 2019. The UM fairly quickly paid the 197 thousand euro, thirty bitcoins, to the criminals in exchange for the return of files held hostage. By the way, the UM was not the only victim in that period. Servers belonging to the University of Antwerp had been targeted by Clop malware earlier that year. The fact that the culprits supposedly originated from Eastern Europe, possibly the Ukraine, was already suggested by cybercrime experts at the time.

According to tweakers.net, the people arrested in the Ukraine are suspected of hacking and money laundering.
Whether these arrests will mean the end of the organisation behind Clop remains to be seen. Tweakers quotes cyber security company Intel 471, who believe that only the laundering and financial part has been hit. ‘Administrators’ could still continue their activities.