A joint operation of U.S. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators.

Law enforcement authorities in the U.S. and Europe have seized the dark web sites used by NetWalker ransomware operators. The authorities also charged a Canadian national involved in the NetWalker ransomware operations.

“The Department of Justice today announced a coordinated international law enforcement action to disrupt a sophisticated form of ransomware known as NetWalker.” reads the press release published by DoJ.

“NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities. Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.”

The group has been active since 2019, the NetWalker ransomware has been offered with the Ransomware-as-a-Service (RaaS) model.

The list of victims of the group is long, it includes Pakistan’s largest private power company K-ElectricArgentina’s official immigration agency, Dirección Nacional de Migraciones, and the University of California San Francisco (UCSF), the latter paid a $1.14 million ransom to recover its files.