Suspected developer of Ragnar Locker ransomware arrested in Paris

The suspected developer of the Ragnar Locker ransomware strain is in custody in France and the malware’s IT infrastructure taken down after an international police operation, the Europol police co-operative announced Friday.

The gang behind the creation and distribution of this strain was responsible for numerous high-profile attacks against critical infrastructure across the world after emerging in 2019. According to the FBI, as of January 2022 it had hit at least 52 organizations across 10 critical infrastructure sectors.

Europol’s announcement today was the culmination of police action that started on Monday, including searches in Czechia, Spain and Latvia. But the statement said the investigation has its roots in the arrests in Ukraine just over two years ago of what it called two “prolific” ransomware operators.

The individual Europol called the “key target” was arrested in Paris on Monday, and his home in Czechia was searched. Five other suspects were interviewed in Spain and Latvia in the following days, Europol said. The statement doesn’t say what happened to them. But the person arrested in Paris has been brought in front of examining magistrates there.

The ransomware’s infrastructure was also seized in the Netherlands, Germany and Sweden, and the associated data leak website on Tor was taken down in Sweden.

The investigation was led by the French National Gendarmerie and included law enforcement authorities from the Czechia, Germany, Italy, Japan, Latvia, the Netherlands, Spain, Sweden, Ukraine and the United States.

Also this week, a white hat hacking group from Ukraine said it took down the IT infrastructure behind the Trigona ransomware.  

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.