FBI Shutdown Prolific Ransomware Group “Radar/Dispossessor,” Domains Seized | Strategic Revenue

According to TechCrunch, the above FBI seizure notice appears on the the Radar/Dispossessor ransomware and extortion gang website. Image Credits: FBI. Unfortunately, specific domain names seized haven’t been publicly released. Image credit: FBI.

WASHINGTON, D.C. – The FBI has announced they have shut down a prolific ransomware group known as “Radar/Dispossessor” and seized multiple internet domains and servers utilized by the cyber threat actors, reportedly headed up by an individual known by the code-name “Brain.”

As part of the FBI’s enforcement actions, they have dismantled a plethora of servers utilized by Radar/Dispossessor to carry out their ransomware attacks, including three in the United States, three in the United Kingdom, and 18 in Germany. In addition, the seized criminal domains include eight based in the U.S. and one German domain.

Radar/Dispossessor first came on the FBI’s radar in August 2023, and as their profile continued to raise in the internet’s underworld, law enforcement began devoting more and more resources to identify and, ultimately, take them down.

The group was known for concentrating their illicit efforts on small-to mid-sized businesses and organizations in the production, development, education, healthcare, financial services, and transportation fields. U.S-based entities were the initial targets, but the scope of Radar/Dispossessor’s victims grew over time to include other countries as well, with eventually 43 companies – located in Argentina, Australia, Belgium, Brazil, Honduras, India, Canada, Croatia, Peru, Poland, the United Kingdom, the United Arab Emirates, and Germany – falling prey to their attacks.

FBI disrupts the Dispossessor ransomware operation, seizes servers. The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. https://t.co/HgRB5Cfm2v pic.twitter.com/o8C7FjNB99
— Riskigy (@riskigy) August 15, 2024

Radar/Dispossessor would utilize ransomware to extort the companies in question by stealing their critical data. They did this by tracking down and identifying weaknesses in a potential victim’s digital network, such as vulnerabilities in their computer systems, weak security passwords, or a lack of two-factor authentication protocol for access.

ICYMI — The FBI has successfully seized the servers of Radar (Dispossessor), a ransomware and extortion gang.

The seizure represents a significant achievement for the FBI and various global law enforcement agencies in their ongoing struggle to combat the escalating threat posed… pic.twitter.com/Xlnwr0tK01
— Woods Denise”Andrea” (@dandreawc) August 15, 2024

Once the critical data had been exfiltrated to the attacker’s server and solidly encrypted in the victim’s system, Radar/Dispossessor would then force the company to pay to get it back; failure to meet the group’s demands would result in the data either being publicly leaked and/or destroyed. However, the FBI notes that paying the ransom does not guarantee the attacked files will eventually be decrypted.

The FBI requests that any victims of Radar/Dispossessor – or those with information on the group’s dealings, including its leader, Brain – to contact its Internet Crime Complaint Center at ic3.gov or 1-800-CALL-FBI.

John Colascione

About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®

Leave a Reply Cancel reply