BERLIN (Reuters) – The globally active criminal ransomware group Radar/Dispossessor, which targeted at least dozens of companies in sectors including healthcare and transport, has been taken down, authorities in the United States and Germany said on Tuesday.
The group, founded in August 2023 and led by the online moniker “Brain”, targeted small to medium-sized companies, at first focusing on the US and then expanding globally
The investigation has identified 43 companies as victims, from countries including Argentina, Australia, Belgium, Brazil, Honduras, India, Canada, Croatia, Peru, Poland, the United Kingdom, the United Arab Emirates and Germany, they said.
A large number of companies have very likely also been affected and are not yet known to authorities, they said, adding that in the US, the group had also targeted hospitals.
Vulnerable computer systems, weak passwords and a lack of two-factor authentication were a gateway into company IT systems where data could then be held for ransom, they said.
Servers and domains belonging to the group in Germany, the US and Britain have been dismantled, added authorities.
Twelve suspects from Germany, Ukraine, Russia, Kenya, Serbia, Lithuania and the United Arab Emirates have been identified, according to authorities in Germany.
The focus is now on identifying further suspects and gaining information about other victimized companies, they added.
(Reporting by Hans Busemann and Miranda Murray, Editing by Rachel More)