A hacker from Ukraine caused 40 million euros worth of damage to European companies

The Ukrainian cyber police, together with the Prosecutor General’s Office, law enforcement agencies from Germany, the Netherlands, Europol and the FBI, exposed a hacker who caused losses to European companies worth EUR 40 million. The victims include critical infrastructure and industrial facilities located within the eurozone.

The attacker was a 39-year-old Ukrainian who now lives in Germany. The man was involved in large-scale cyberattacks using the DoppelPaymer ransomware. The cybercriminal spread the virus using EMOTET malware.

The ransomware was distributed via phishing and spam emails with attached documents containing malicious code in JavaScript or VBScript. The malware encrypted data, and the attacker demanded a ransom from the victims to restore access.

Foreign law enforcement officers conducted a search at the Ukrainian’s actual place of residence in Germany. Searches were also conducted in two apartments belonging to the offender in Kyiv and Kharkiv. German law enforcement is currently establishing whether the Ukrainian had any accomplices, so the investigation is ongoing.

As a reminder, yesterday it became known that Ukrainian and German law enforcement officers exposed the Double-Spider hacker group. The criminals have been engaged in online theft since 2010. More than 600 organizations and individuals have become victims of the attackers. Among them are the UK National Health Service and the University Hospital of Düsseldorf.