Moldovan Police Arrest Foreign Man in Ransomware Attack on Dutch Companies
In a significant breakthrough, Moldovan police have arrested a 45-year-old foreign man who was allegedly involved in ransomware attacks on Dutch companies in 2021. The arrest is the result of a joint international operation involving Moldovan and Dutch authorities, which has brought a major suspect to justice.
The suspect's involvement in the cybercrimes is linked to the DoppelPaymer ransomware attack, which targeted multiple companies in the Netherlands. One notable victim was the Netherlands Organization for Scientific Research (NWO), with damages totaling approximately €4.5 million.
A Brief Overview of DoppelPaymer Ransomware
DoppelPaymer ransomware has been active since June 2019, and its operators have been using a double extortion scheme to carry out their attacks. The gang behind the malware family uses various channels, including phishing and spam messages, to spread it.
The operators also rely on EMOTET malware to help spread DoppelPaymer. In early 2020, they launched a leak site as part of their ransomware operation. According to German authorities, at least 37 companies were affected by the ransomware, with the University Hospital in Düsseldorf being one of the most prominent victims.
The International Operation
In March 2023, Europol announced an international operation conducted by law enforcement in Germany and Ukraine, working closely with the US FBI and Dutch police. The target was two key figures of the DoppelPaymer ransomware group.
On February 28, 2023, the German Regional Police (Landeskriminalamt Nordrhein-Westfalen) and the Ukrainian National Police (Націона́льна полі́ція Украї́ни), with support from Europol, the Dutch Police (Politie), and the United States Federal Bureau of Investigations, targeted suspected core members of the criminal group responsible for carrying out large-scale cyberattacks using DoppelPaymer ransomware.
The Arrest and Seizure of Evidence
On May 6, 2025, Moldovan law enforcement searched the suspect's home and car, seizing key evidence linked to cybercrimes. The seized items included:
* €84,800 in cash * An e-wallet * Laptops * A phone * A tablet * Six bank cards * Multiple storage devices
The arrest is a significant development in the fight against ransomware attacks and cybercrime. It highlights the importance of international cooperation between law enforcement agencies to combat these crimes.
Stay Safe Online
To stay safe online, it's essential to be aware of the latest cyber threats and take steps to protect yourself and your business.
* Use strong antivirus software * Keep your operating system and software up-to-date * Use unique and complex passwords for all accounts * Be cautious when clicking on links or opening attachments from unknown sources * Regularly back up your data
By taking these steps, you can significantly reduce the risk of falling victim to a ransomware attack.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon