Europol Coordinates Arrest of Ransomware Gang in Ukraine, Seizing $1.3M in Crypto

The effort involved an organized strike by representatives from the French National Gendarmerie, the Ukrainian National Police and the FBI, coordinated by Europol and Interpol.

Oct 4, 2021 at 4:35 p.m. UTC
Updated Oct 4, 2021 at 4:44 p.m. UTC

International crime-fighting agencies Europol and Interpol organized the arrest in Ukraine of two prolific ransomware operators, seizing $1.3 million in cryptocurrencies in the process.

  • The authorities said they worked closely with the French National Gendarmerie, the Ukrainian National Police and the U.S. Federal Bureau of Investigation (FBI) to make the arrests in Ukraine on Sept. 28.
  • The ransomware duo were known for their ransom demands of between €5 million to €70 million ($5.8 million to $81.3 million), according to Europol.
  • The duo is alleged to have committed a string of targeted attacks against large industrial firms in Europe and North America from April 2020 onwards.
  • The criminals would deploy malware and steal sensitive data from companies, before encrypting their files. They would then offer a decryption key in return for a ransom payment of several million euros, threatening to leak the stolen data on the dark web if their demands were not met.
  • In addition to the $1.3 million in cryptocurrencies, authorities seized $375,000 in cash and two luxury vehicles from the alleged perpetrators.
  • Ransomware attackers frequently request payment in cryptocurrencies, in part because of the speed and security with which payments can be made.


The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Tanzeel Akhtar is a CoinDesk news reporter based in Europe.