Ragnar Locker Ransomware Boss Arrested in Paris
Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.
Ragnar is a ransomware family covered through reported incidents, technical analysis, disruption efforts, and defensive guidance for organizations.
Search across headline titles and summaries.
Background for this topic.
Ragnar is a ransomware family and criminal operation, not the unrelated software or product names that may use “Ragnar.” It encrypts files to disrupt access; reporting has also associated some incidents with theft of data and threats to disclose it. Coverage under this tag may include claimed or confirmed deployments, technical analysis of the malware and infrastructure, defensive guidance, and law-enforcement or other disruption activity. Incident claims and attribution require independent validation, particularly when operators or researchers publish incomplete information.
The main security concerns are loss of system availability and potential exposure of sensitive data. Organizations should maintain tested, offline or otherwise protected backups; apply security updates to internet-facing systems; enforce multifactor authentication and restrict privileged access; and monitor for unusual account, administrative, and file-encryption activity. If Ragnar is suspected, isolate affected systems without unnecessarily destroying evidence, preserve relevant logs, identify possible data access or exfiltration, and coordinate recovery with legal, privacy, and regulatory teams. Do not assume that paying a ransom will restore files or prevent disclosure.
Weekly headline count for the current query.
Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.
Several countries in Europe as well as the United States and Japan were involved in the operation, which is aimed at defanging one of the bigger names in ransomware.
TAP assures its customers that it stopped data theft in a recent cyberattack, but the Ragnar Locker ransomware group says it made off with user info.
Bureau releases indicators of compromise for the RagnarLocker ransomware that has hit 10 different critical infrastructure sectors.