LockBit & Conti Ransomware Hacker Busted in Ukraine

Police have arrested a 28-year-old Ukrainian man for his work as a freelance developer for the Russian ransomware groups Conti and LockBit.

The accused is an expert in developing cryptors, software that hides malware from antivirus detection, and according to a Ukrainian police report (translated with Google Translate), he frequently worked for Conti and LockBit in exchange for cryptocurrency. Law enforcement was able to identify his cryptors in successful ransomware attacks in Belgium and the Netherlands.

The crimes could land the accused in prison for up to 15 years, according to the announcement.

The splashy arrest is part of Operation Endgame, an ongoing international law enforcement campaign against cybercrime. Dutch officials said the suspect was taken into custody on April 18 with assistance from the multinational cooperation.

According to Dutch officials (also translated with Google Translate), "The police were tipped off by the NCSC (National Cyber Security Center) and, after further investigation, discovered that the Ukrainian man infected the computer networks of a company in the Netherlands with Conti's malware in 2021; a hacker group that offers ransomware for sale."