Skip to content
Security 2 min read

The developer of Vortex, Polski and Flotera ransomware is arrested

Linas Kiguolis Expert in social media Published

The author of Flotera, Polski and Vortex ransomware, Tomasz T., has been charged with 181 crimes

Polski ransomware author is arrested

Law enforcement agencies from Poland have arrested Tomasz T. on Friday. Investigators believe that the Polish national, who is currently living in Belgium, is the developer of three infamous ransomware families — Polski, Vortex, and Flotera. The arrest took place in the Polish town, named Opole on Wednesday[1].

Tomasz T. was taken into custody and charged with 181 different crimes. Although, authorities confirm that the suspect pleaded guilty and cooperated with the police agents. Nonetheless, the judge has already approved that the cybercriminal would be temporarily imprisoned for three months.

According to the official report, law enforcement says that it is believed that the suspect has infected thousands of computers worldwide. Although, most of the victims appeared to be located in Poland and the crook has earned more than $145 000 from the ransom payments[2].

Tomasz T. is also known as Armaged0n in hackers' forums

Numerous people from Polish law enforcement groups have been tracking this cybercriminal. They have found the nickname of Tomasz which has been widely used in infamous HackForums portal — Armaged0n. The suspect is believed to be active since 2013 with the latter alternative name.

He first started his malicious activity when trying to receive illegal bank transactions with the help of the banking trojan. The software was designed to switch the original bank account number with the one of Tomasz and transfer money from the victim directly to his bank account. 

Later in 2017, this cybercriminal decided to release a file-encrypting virus, named Polski ransomware[3]. Unfortunately, one cyber threat followed another the suspect had distributed two other crypto-malware — Vortex and Flotera viruses. According to the IT specialists, one of the most successful cyber infections were Vortex ransomware which remained to lurk in the cyberspace until 2018.

Local authorities have collected the equipment and decryption keys

At the time of the arrest of Thomas, Polish police have contacted authorities in Belgium to search his apartment. They have seized his computer and other related equipment for the investigation. Luckily, IT professionals have managed to access the information stored in the systems and remote servers. Likewise, they obtained the decryption[4] tools necessary for ransomware victims.

Now, Polish police are urging the victims of Polski, Vortex and Flotera ransomware to file official complaints[5]. This way, the authorities will provide the keys which are vital for file decryption. People can successfully get back the compromised data and use their computers again.

Be the first to comment

Spyware news
Privacy preferences

We use cookies to improve your experience and analyze traffic. Some cookies enable embedded content like videos and social posts. Choose what you allow — you can change this anytime.