We’ve talked before about how difficult it can be to go after hackers and scammers because they are often based overseas and it can be difficult to get countries to cooperate in the investigation.

The U.S. Department of Justice says it’s part of a coordinated international law enforcement action that aims to disrupt NetWalker ransomware.

The ransomware has been used to attack hospitals law enforcement, healthcare facilities, towns, colleges, and private companies. Nearly 30 million dollars in ransom has already been paid, much more damage has been done to systems.

Netwalker operates much like Office 365 or Adobe Creative Cloud and offers ransomware a subscription service. The developers update the software and make it available to affiliates. Affiliates pick out targets and split the money from ransom with the developers.

Seizure page of dark web hidden resource used to communicate with NetWalker ransomware victims

“We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors, but also disrupting criminal online infrastructure and, wherever possible, recovering ransom payments extorted from victims,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division.  “Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation.”

Charges were filed against Sebastien Vachon-Desjardins, a Canadian citizen and half a million dollars in cryptocurrency was seized. Authorities in Bulgaria also seized a dark web hidden resource used by NetWalker ransomware affiliates to provide payment instructions and communicate with victims. Visitors to the resource will now find a seizure banner that notifies them that it has been seized by law enforcement authorities.

If you’ve been the victim of ransomware, you can file a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov.