From Europol:
Cybercriminals around the world have suffered a major disruption after law enforcement and judicial authorities, coordinated by Europol and Eurojust, dismantled key infrastructure behind the malware used to launch ransomware attacks. From 19 to 22 May, authorities took down some 300 servers worldwide, neutralised 650 domains, and issued international arrest warrants against 20 targets, dealing a direct blow to the ransomware kill chain.
… The following malware strains were neutralised during the action:
- Bumblebee
- Lactrodectus
- Qakbot
- Hijackloader
- DanaBot
- Trickbot
- Warmcookie
These variants are commonly offered as a service to other cybercriminals and are used to pave the way for large-scale ransomware attacks. In addition, international arrest warrants were issued against 20 key actors believed to be providing or operating initial access services to ransomware operators.
Read more of the press release at Europol.