Europol, in collaboration with various global law enforcement agencies, has broadened its Operation Cronos to apprehend four individuals allegedly connected to the LockBit ransomware group. A recent press release detailed the operation, which resulted in the arrests and the seizure of servers and financial assets associated with the group, believed to have ties to Russian intelligence.
One notable arrest involved a key suspect, identified as a ransomware developer, who was vacationing in France when authorities received a tip-off. The French National Gendarmerie acted swiftly, leading to his apprehension. The other three suspects are believed to have engaged in malware distribution, money laundering, and data theft.
The European Union Agency for Law Enforcement Cooperation announced that additional arrests are anticipated in the coming weeks, as they have already compiled a list of individuals connected to the group, aiming to disrupt their operations and IT infrastructure.
In a related development, threat monitoring provider Silent Push has raised alarms about hackers deploying malware disguised as deepfake tools. Security researchers from the Virginia-based firm revealed that the attacks are part of a campaign attributed to the Russia-based group FIN7, known for offering ransomware as a service.
The campaign attracts victims through social media advertisements promoting AI tools that purportedly allow users to upload ordinary photos for transformation into deepfake images. This tactic exploits AI technology to subject unsuspecting individuals to deepfake-based manipulation and harassment.
These tools are often advertised on adult websites, where sample video snippets are displayed. When users click on the pop-up ads, they are redirected to sites offering trial versions of the deepfake tools, which also serve as channels for downloading malicious payloads.
