Our website uses cookies to enhance your browsing experience and to collect information about how you use this site to improve our service to you. By not accepting cookies some elements of the site, such as video, will not work. Please visit our Cookie Policy page for more information on how we use cookies.

Several Domains Used in Ransomware Attacks Seized by the Garda National Cyber Crime Bureau (GNCCB)

A significant disruption operation which targeted the IT infrastructure of a Cyber Crime group has been conducted by the Garda National Cyber Crime Bureau. The Garda National Cyber Crime Bureau have seized several domains used in ransomware attacks.

The seizure of these domains from the grasp of the Cyber Crime group has directly prevented a large number of further Ransomware Attacks across the world. GNCCB have subsequently deployed a ‘splash screen’ onto the seized domains in order to notify any potential victims of the likelihood that their system has become compromised by Ransomware. This will enable them to take appropriate security measures.

A process has also commenced between the Garda Síochána and their Law enforcement Partners at Europol and Interpol, to provide the details of the visiting URL’s to the member countries to ensure that the infected systems are appropriately decontaminated.

This is a crime prevention operation and to date a total of 753 attempts were made by ICT systems across the world to connect to the seized domains. In each instance, the seizure of these domains by the GNCCB investigation team is likely to have prevented a Ransomware Attack on the connecting ICT system, by rendering the initially deployed Malware on the victims system, as ineffective.

Ransomware Disruption Operation