Law Enforcement Seizes Servers, Domains, and Approximately $1 Million In Laundered Proceeds Owned By BlackSuit (Royal) Ransomware The Justice Department announced today coordinated actions against the BlackSuit (Royal) Ransomware group which included the takedown of four servers and nine domains on July 24, 2025.
The takedown was conducted by the Department of Homeland Security’s Homeland Security Investigations (HSI), the U.S. Secret Service, IRS Criminal Investigation (IRS-CI), the FBI, and international law enforcement from the United Kingdom, Germany, Ireland, France, Canada, Ukraine, and Lithuania. These actions include the unsealing of a warrant for the seizure of virtual currency valued at $1,091,453 at the time of the seizure.
Read more…
Source: U.S. Department of Justice
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Trump’s acting cyber chief uploaded sensitive files into a public version of ChatGPT
January 27, 2026
The interim head of the country’s cyber defense agency uploaded sensitive contracting documents into a public version of ChatGPT last summer, triggering multiple automated security warnings that are meant to stop the theft or unintentional disclosure of government material from federal networks, according to four Department of Homeland Security officials with knowledge of the incident. The ...
- Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops
January 23, 2026
Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday. Many modern Windows computers rely on full-disk encryption, called BitLocker, which is enabled by default. This type of technology should prevent anyone except the device owner from ...
- Microsoft disrupts global cybercrime subscription service responsible for millions in fraud losses
January 14, 2026
Today, Microsoft is announcing a coordinated legal action in the United States and, for the first time, the United Kingdom to disrupt RedVDS, a global cybercrime subscription service fueling millions in fraud losses. These efforts are part of a broader joint operation with international law enforcement, including German authorities and Europol, which has allowed Microsoft and ...
- US cargo tech company publicly exposed its shipping systems and customer data to the web
January 14, 2026
For the past year, security researchers have been urging the global shipping industry to shore up their cyber defenses after a spate of cargo thefts were linked to hackers. The researchers say they have seen elaborate hacks targeting logistics companies to hijack and redirect large amounts of their customers’ products into the hands of criminals, in ...
- China: Authorities tell domestic companies to stop using US and Israeli cybersecurity software
January 14, 2026
Chinese authorities have told domestic companies to stop using cybersecurity software made by more than a dozen firms from the U.S. and Israel due to national security concerns, three people briefed on the matter said. As trade and diplomatic tensions flare between China and the U.S. and both sides vie for tech supremacy, Beijing has been ...
- Hackers claim to have Target source code for sale following recent cyberattack
January 13, 2026
Hackers are apparently selling internal source code stolen from American retail giant Target. A previously unknown threat actor posted in an underground hacking community to claim they were selling Target’s data, and that this was the first of many datasets to go on auction. To support their claim, the poster created multiple repositories on Gitea, a ...