Ragnar Locker Ransomware Boss Arrested in Paris

Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.

Dark Reading Staff, Dark Reading

October 23, 2023

1 Min Read
Ragnar Locker website takedown notice
Source: Europol

Law enforcement agencies have arrested the suspected developer of the Ragnar Locker ransomware group, tracking the person down in Paris.

The arrest is part of a coordinated policing effort from 11 separate countries. Agents swarmed on operators of the prolific group, seizing its cybercrime infrastructure.

Europol released some details of the takedown on Oct. 20 after Ragnar Locker's Tor data-leak site was replaced with a vague notice of a "coordinated international law enforcement action" just days earlier; now, more details are forthcoming.

The person arrested is identified by Europol as the "main perpetrator suspected of being a developer of the Ragnar group." Five additional suspects were interviewed in Spain and Latvia, the statement added.

Ragnar Locker ransomware group has been active since 2019, targeting infrastructure including the energy sector, hospitals, airports, and more.

The group often used double extortion tactics, mounting pressure on victims to pay ransoms, Europol pointed out in its announcement, which added "The threat level of Ragnar Locker was considered as high, given the group’s inclination to attack critical infrastructure."

The following countries cooperated in the operation: Czech Republic, France, Germany, Italy, Japan, Latvia, Netherlands, Spain, Sweden, Ukraine, and the United States, Europol said.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights