Ukrainian and German authorities have identified two Ukrainians linked to the Black Basta ransomware group and named Oleg Nefedov as its leader. Nefedov, who has ties to Russian intelligence, has been added to INTERPOL's wanted list, and the group has reportedly earned hundreds of millions in cryptocurrency from attacks on over 500 companies. Recent leaks suggest Black Basta may have disbanded, but its members could regroup under new aliases.

A FinCEN report reveals ransomware incidents peaked in 2023, with victims paying over $2.1 billion in ransoms from January 2022 to December 2024. Law enforcement actions against major gangs like ALPHV/BlackCat and LockBit contributed to a decline in both incidents and payments in 2024. Manufacturing, financial services, and healthcare were the most targeted sectors.

The Scattered Spider ransomware group has decided to cease operations due to intense law enforcement pressure following significant cyberattacks on companies like Jaguar Land Rover and Salesforce. In a farewell message, they apologize to their victims and hint at a possible return with a new venture called "ShinySp1d3r RaaS."

Operation Endgame has successfully disrupted a significant global ransomware infrastructure, leading to the apprehension of key individuals involved in cybercrime activities. This operation underscores the collaborative efforts of law enforcement agencies and cybersecurity experts to combat the rising threat of ransomware attacks worldwide.

Ransomware gang Hunters International has announced its decision to shut down operations, citing various challenges faced in the cybercrime landscape. The group's closure reflects the increasing pressure from law enforcement and cybersecurity measures aimed at combating ransomware attacks.

An international law enforcement operation has successfully taken down AVCheck, a counter antivirus service used by cybercriminals to test malware evasion against commercial antivirus software. The takedown is part of Operation Endgame, which aims to disrupt organized cybercrime by targeting services that help criminals refine their malware for maximum effectiveness. Evidence links AVCheck's administrators to other crypting services that further support cybercriminal activities.