Europol Coordinates Arrest of Ransomware Gang in Ukraine, Seizing $1.3M in Crypto

The effort involved an organized strike by representatives from the French National Gendarmerie, the Ukrainian National Police and the FBI, coordinated by Europol and Interpol.

AccessTimeIconOct 4, 2021 at 4:35 p.m. UTC
Updated May 11, 2023 at 4:00 p.m. UTC

International crime-fighting agencies Europol and Interpol organized the arrest in Ukraine of two prolific ransomware operators, seizing $1.3 million in cryptocurrencies in the process.

  • The authorities said they worked closely with the French National Gendarmerie, the Ukrainian National Police and the U.S. Federal Bureau of Investigation (FBI) to make the arrests in Ukraine on Sept. 28.
  • The ransomware duo were known for their ransom demands of between €5 million to €70 million ($5.8 million to $81.3 million), according to Europol.
  • The duo is alleged to have committed a string of targeted attacks against large industrial firms in Europe and North America from April 2020 onwards.
  • The criminals would deploy malware and steal sensitive data from companies, before encrypting their files. They would then offer a decryption key in return for a ransom payment of several million euros, threatening to leak the stolen data on the dark web if their demands were not met.
  • In addition to the $1.3 million in cryptocurrencies, authorities seized $375,000 in cash and two luxury vehicles from the alleged perpetrators.
  • Ransomware attackers frequently request payment in cryptocurrencies, in part because of the speed and security with which payments can be made.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Tanzeel Akhtar

Tanzeel Akhtar is a reporter based in London,UK.

Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.