Three Ukrainian hackers suspected of hacking into dozens of companies, including in France, have been detained in a joint Ukrainian-French police operation. They are said to be operating under the name Egregor and were behind the hacking of video game publisher Ubisoft or daily newspaper Ouest-France
They would have hacked Ubisoft, the video game publisher, as well as the daily newspaper Ouest-France and even a computer security company. The three Ukrainian hackers, aged 33, 34 and 38, were arrested in a joint French-Ukrainian crackdown. Members of a very active network known as Egregor are suspected of hacking into dozens of companies, including in France, with ransomware attacks similar to those that have recently become more frequent against French hospitals, such as Dax or Villefranche-sur-Saône.
Specialists in “double extortion”
Specialised in “double extortion”, as RFI points out, hackers have always used the same scheme. They infiltrate a company’s computer network, for example, using a malicious attachment and take the data before encrypting it. They then demand a ransom for the “key” to recover the data and threaten to expose the stolen information online. In the case of Western France, which was allegedly attacked by them on 21 November, the pirates also managed to shut down the printing presses used to print newspapers.
This was all the more important given that Egregore’s group was very active, to the point where it was spotted and reported to the FBI and ANSSI, the National Agency for Information System Security. However, these arrests do not mark the end of the group, as they appear to be “affiliates” in the hands of justice. That is, small hands using “ransomware” developed by the thinking heads of the group, which is still free.