July 29, 2025
Digital infrastructure of a major global cyber extortion network, believed to be behind hundreds of ransomware attacks worldwide has been dismantled by International investigators.
According to police in the German state of Lower Saxony, LKA, Servers used by the cybercrime group operating as Blacksuit/Royal, were identified and shut down by the authorities .
The group’s operations were disrupted by the takedown, including malware distribution, internal communications, and its website.
Officials reported a total of 184 victims globally, including several in Germany. Damages recorded as of August 2024 exceeded 500 million dollars, according to police estimates.
READ MORE; UK Pulls Families of Embassy Staff from Israel as Regional Tensions Escalate
The coordinated operation, a long-term effort, led to the securing of large volumes of data at the end of July.
Authorities hoped that the materials will help identify those responsible. LKA president Thorsten Massinger said in a statement that. “This sends a clear signal in the fight against cybercrime.”
He added that authorities would use every available tool to counter attacks on companies, public institutions, and private individuals. Victims were urged to report incidents to prevent further attacks.
Investigators revealed that the group used double extortion tactics. Hackers not only encrypted victims’ data but first stole it, allowing them to threaten publication or sale even if files were recovered pressuring victims into paying ransom to be off the hook.
