Gardaí part of joint operation including FBI that targeted cybercriminals, dark web leaks

RSS

Syndicated Content

Published: Fri 8 Aug 2025, 6:04 PM

Last updated: Fri 8 Aug 2025, 6:21 PM

James Cox

The Garda National Cyber Crime Bureau was part of a joint international operation, also including the FBI and Europol, which successfully targeted assets used by cybercriminals.

As part of an ongoing joint operation conducted by international law enforcement, including the Garda National Cyber Crime Bureau, the United States Immigration and Customs Enforcement (ICE), Homeland Security Investigations led a major disruption operation resulting in the seizure and takedown of "key operational infrastructure".

This included the dark web leaks page and the victim negotiation site, as well as domains attributed to the Blacksuit Ransomware Group.

Other law enforcement agencies involved in this operation included the United States Department of Homeland Security (DHS), US Secret Service, US FBI, the Dutch National Police, the German State Criminal Police Office, the UK National Crime Agency, the Frankfurt General Prosecutor's Office, the Ukrainian Cyber Police, and Europol, assisted by private partners.

A dark web leaks page is a website maintained by a ransomware group on the darknet. It is where they publish the names of victims that refuse to pay a ransom or to engage with them.

A victim negotiation site is another site maintained by the threat actors. This is not generally accessible by the wider public, but is where the victims of a ransomware go to engage and communicate with the offenders.

The Blacksuit ransomware group are an organised crime group responsible for the commission of ransomware and other serious cyber criminality internationally.

The Blacksuit ransomware group emerged in May 2023, as a result of the rebranding of the Royal Ransomware Group; itself originating from the Conti Ransomware Group, responsible for a number of serious ransomware attacks internationally.

Commenting today on the operation, Assistant Commissioner for Organised and Serious Crime Angela Willis said: "An Garda Síochána will continue to work with our international law enforcement colleagues and private partners to identify, target and disrupt organised crime groups using the infrastructure to carry out ransomware and other forms of cybercrime.

"Our work to date involving close collaboration with international partners, including this seizure and takedown of key online operational infrastructure will continue as part of our ongoing effort to keep people safe both on an offline."