KUWAIT: Kuwait's interior ministry confirmed yesterday arresting a person as part of an international operation against suspects who reportedly carried out cyber-attacks in several countries including Kuwait. International investigators said on Monday they had arrested seven people in global raids targeting cyber criminals behind ransomware attacks worth more than half a million euros.
Two people were arrested last Thursday in Romania and another in Kuwait, while three were held in South Korea and one in Poland during the months-long operation dubbed "GoldDust". The arrests were linked to the Russian-based hacker group REvil, also known as Sodinokibi, and the ransomware group GandCrab, the EU police agency Europol said in a statement.
"Kuwait police arrested a university student aged 21 years as part of an international operation called GoldDust," The interior ministry said in a press release yesterday, adding that an international collaboration led to the arrest of "a seven-member gang who carried out cyber-attacks in several countries around the world including Kuwait."
"The Interpol sent information of a person who used an account on social media to operate as a member of the gang which had activity" in Kuwait and 16 other countries, it added. Detectives were able to identify the account's holder; a 21-year-old Asian resident and were able to locate him. "Several computers containing malware and a large number of fake emails were found" in the suspect's apartment, the ministry said, adding that the suspect confessed to committing numerous hackings "for several years". All seven detainees were apprehended at the same time following coordination between authorities in the countries of arrest, the ministry further noted.
The global police body Interpol and EU judicial agency Eurojust were also involved in the operation. "Suspected of about 7,000 infections, the arrested affiliates asked for more than 200 million euros in ransom," the Europol statement said. The two Romanians alone were responsible for around 5,000 infections which pocketed around half a million euros, it added. "All these arrests follow the joint international law enforcement efforts of identification, wiretapping and seizure of some of the infrastructure used by Sodinokibi/REvil ransomware family," it said.
Ransomware is an increasingly lucrative form of digital hostage-taking in which hackers encrypt victims' data and then demand money for restored access. REvil, a group of Russian-speaking hackers, are prolific perpetrators blamed for a series of high-profile cyberattacks. It is said to be a successor organization of GandCrab.