Moldovan police have arrested a 45-year-old foreigner suspected of carrying out a large-scale ransomware attack against the Netherlands Organization for Scientific Research (NWO), which caused losses of more than 4.5 million €.
According to an official statement, the suspect was internationally wanted for several cyberattacks, extortion and money laundering. During a search of his home, cash, e-wallets, laptops, tablets and data carriers were seized. The attack against NWO took place in 2021 and was attributed to the DoppelPaymer hacking group, which encrypted files, blocked access to documents and stole some of the data, which was later made public after the organization refused to pay the ransom. DoppelPaymer is considered the successor to BitPaymer – both threats have similar code and mechanism of operation.
DoppelPaymer first appeared in 2019 and has become a tool for large-scale attacks on institutions around the world. In 2023, German and Ukrainian police conducted a joint operation against key members of the group, including Igor Turashev, Igor Garshin, and Iryna Zemlyanikina, who are considered the “brains” of the group. The case is a continuation of the international fight against transnational cybercrime.
The arrest in Moldova highlights that international cooperation remains a key tool in the fight against cybercrime. At the same time, the case emphasizes the critical importance of cyber protection for government and academic institutions, which are often targeted by politically or financially motivated attacks.
