International authorities dismantle Dispossessor ransomware group targeting global companies

A collaborative effort between U.S. and European authorities has successfully dismantled the Radar/Dispossessor ransomware group. This cybercriminal organization has targeted small to medium-sized companies globally since its inception in August 2023. The group, led by an individual operating under the online alias "Brain," focused initially on U.S.-based businesses before expanding its operations to other countries.

According to a joint announcement from authorities in the United States and Germany on Tuesday, the Dispossessor group orchestrated ransomware attacks on at least 43 companies across various sectors, including healthcare and transportation. The victims were in Argentina, Australia, Belgium, Brazil, Honduras, India, Canada, Croatia, Peru, Poland, the United Kingdom, the United Arab Emirates, and Germany. The extent of the group’s activities is broader, with many affected companies still unidentified by authorities.

The Dispossessor group exploited vulnerabilities in company IT systems, including weak passwords and the absence of two-factor authentication, to gain access to sensitive data. Once inside, the group encrypted the data and demanded ransom payments for its release. In the United States, their targets included hospitals, further underscoring the group’s willingness to exploit critical infrastructure for financial gain.

Authorities have dismantled servers and domains used by the Dispossessor group in Germany, the United States, and the United Kingdom, effectively disrupting their operations. The investigation has identified twelve suspects linked to the group, hailing from various countries, including Germany, Ukraine, Russia, Kenya, Serbia, Lithuania, and the United Arab Emirates.

The focus of the investigation now shifts to identifying additional suspects and uncovering further details about companies that may have fallen victim to the group’s ransomware attacks. The shutdown of the Dispossessor group marks a significant victory in the ongoing battle against cybercrime, particularly ransomware, which has become an increasingly prevalent threat to businesses and organizations worldwide.