Ransomware

Radar/Dispossessor ransomware dismantled in global operation

Share
Image of ransomware, computer language, circuit board pattern over data server room

Operations of the Radar/Dispossessor ransomware gang have been disrupted as a result of an FBI Cleveland-led international law enforcement crackdown on the group's servers and domains coordinated alongside the U.S. Justice Department, the UK's National Crime Agency, and German law enforcement, reports The Record, a news site by cybersecurity firm Recorded Future.

More than 40 organizations around the world, particularly those in the healthcare, education, financial services, and transportation sectors have been targeted by Radar/Dispossessor since its emergence last August, said the FBI, which attributed the group's leadership to the hacker "Brain." Such a development comes after Radar/Dispossessor was noted by SOCRadar to have the same leak site as the disrupted LockBit ransomware operation. "Content analysis reveals that many posts from the original LockBit site have been mirrored on Dispossessor's platform on their first days, maintaining the exact publication dates and details," said SOCRadar in a May report. Over 300 organizations impacted by LockBit also had their data claimed to be sold by a threat actor under the name Dispossessor following the shutdown of the ransomware gang, according to a SentinelOne report.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.