Operations of the Radar/Dispossessor ransomware gang have been disrupted as a result of an FBI Cleveland-led international law enforcement crackdown on the group's servers and domains coordinated alongside the U.S. Justice Department, the UK's National Crime Agency, and German law enforcement, reports The Record, a news site by cybersecurity firm Recorded Future.
More than 40 organizations around the world, particularly those in the healthcare, education, financial services, and transportation sectors have been targeted by Radar/Dispossessor since its emergence last August, said the FBI, which attributed the group's leadership to the hacker "Brain." Such a development comes after Radar/Dispossessor was noted by SOCRadar to have the same leak site as the disrupted LockBit ransomware operation. "Content analysis reveals that many posts from the original LockBit site have been mirrored on Dispossessor's platform on their first days, maintaining the exact publication dates and details," said SOCRadar in a May report. Over 300 organizations impacted by LockBit also had their data claimed to be sold by a threat actor under the name Dispossessor following the shutdown of the ransomware gang, according to a SentinelOne report.