International Coalition Disbands Capcom Hacker Group Ragnar Locker
International police forces, spanning 11 countries, have successfully dismantled the hacker group responsible for high-profile cyberattacks on companies, including ADATA and video game giant Capcom. Europol has reported the arrest of the Ragnar Locker ransomware group.
Capcom's Vulnerability Exposed
Ragnar Locker made headlines in November 2020 when they claimed responsibility for a Capcom security breach. The attack leaked vast amounts of employee data, including personal details, passport numbers, and emails. They purportedly stole over 1 TB of sensitive information, compromising the confidentiality of nearly 390,000 individuals. Details of the stolen data were subsequently made public, revealing significant exposures, from personal and corporate data of current and ex-employees to sales reports and financial figures.
The Fall of Ragnar Locker
The arrest of the Ragnar Locker gang follows a coordinated multi-country operation carried out between October 16 and 20. This collaboration included countries like Czechia, Latvia, Spain, Germany, and the Netherlands, among others. The main suspect was apprehended in Paris, with subsequent legal proceedings at the Paris Judicial Court. This arrest was accompanied by a search of his residence in Czechia and a global seizure of the group's infrastructure. Additionally, five associates linked to Ragnar Locker were questioned in Spain and Latvia.
Japan and the U.S., among others, joined forces to dismantle Ragnar Locker's ransomware tools and the platform they used to disclose stolen data.
Edvardas Šileris, who oversees Europol’s European cybercrime center, emphasized the importance of consistent vigilance against ransomware threats. He conveyed optimism about the collaborative efforts, asserting that each successful operation enhances investigative methodologies and insights into cybercrime groups.
The Technical Aspect
Ragnar Locker is the name of both the group and the ransomware it engineered. This malware was primarily designed to target Microsoft Windows, abusing features like the Remote Desktop Protocol to gain access to devices and steal data. Experts speculate this might be how Capcom's defenses were breached.
Kotaku has approached both Capcom and Europol for further comments.
Wider Gaming Industry Threats
The gaming industry continues to be an attractive target for hackers. Recently, a new group named Ransomed.vc boasted about infiltrating "all of Sony systems." Earlier in May, Sony experienced another breach, with attackers allegedly accessing data of around 6,791 personnel.
Source: Kotaku