According to Ukrinform, the Office of the Prosecutor General reported this.
One of the group’s leaders has been charged in absentia and placed on an international wanted list. The U.S. Federal Bureau of Investigation (FBI) has offered up to $10 million for information about his whereabouts.
Investigators established that since 2018, the suspects had attacked servers of companies in France, Norway, Germany, the Netherlands, Canada, and the U.S., encrypting more than 1,000 servers and causing damages exceeding 3 billion hryvnias.
In August 2024, a pre-trial investigation was completed against one of the group’s most active members. He is accused of unauthorized interference with information systems, creating malicious software, and extortion — crimes punishable by up to 12 years in prison.
The investigation uncovered the full structure of the group — from developers of malicious software and specialists in breaching corporate systems to individuals who laundered the illicit profits.
The attackers used ransomware programs LockerGoga, MegaCortex, HIVE, and Dharma. They blocked access to servers and demanded ransom in cryptocurrency.
Several members of the network were arrested in Ukraine as part of the investigation, and some have already faced trial.
A foreign national who was on the international wanted list has been extradited to the United States.
As reported earlier, in April, Ukraine’s Security Service, together with the National Police and with assistance from Czech authorities, carried out a large-scale special operation to neutralize an international hacker group that was stealing from bank accounts and cryptocurrency wallets of EU and U.S. citizens.
