7 suspected hackers arrested in global ransomware crackdown

Lisa Monaco

Deputy Attorney General Lisa Monaco speaks to The Associated Press during an interview at the Department of Justice in Washington, Tuesday, Nov. 2, 2021. Monaco told the AP that the public should expect to see more arrests and law enforcement action as the Justice Department deals with the threat of ransomware. (AP Photo/Manuel Balce Ceneta)

WASHINGTON (AP) — Seven suspected hackers linked to ransomware attacks that have targeted thousands of victims have been arrested since last February as part of a global cybercrime crackdown, European law enforcement authorities announced Monday.

The FBI and the Justice Department were expected to announce criminal charges tied to ransomware later Monday as well as the seizure of $6 million, according to a U.S. official, who was not authorized to discuss the matter by name ahead of a news conference and spoke on the condition of anonymity.

None of the arrested hackers was identified by name, but Europol said two suspected hackers believed to be linked to the ransomware gang known as REvil were arrested last week for involvement in attacks that yielded about $580,000 in ransom payments. Authorities in Kuwait arrested another accused hacker last week, and South Korean authorities have arrested three since last February. A seventh was arrested last month in Europe.

The arrests were part of a law enforcement investigation called GoldDust that involved the United States and 16 other countries. REvil, also known as Sodinokibi, has been linked in recent months to ransomware targeting the world’s largest meat processor, JBS SA, as well as a Fourth of July weekend attack that snarled businesses around the world.

Deputy Attorney General Lisa Monaco appeared to foreshadow Monday’s announcement in an interview with The Associated Press last week, saying that “in the days and weeks to come, you’re going to see more arrests” as well as seizures of ransomware proceeds.

The Justice Department has tried multiple ways to address a ransomware wave that it regards as a national security…