A suspected member of an online extortion gang has been arrested, police have said.
Officers said they believed they had apprehended a key member of the group DD4BC, while another suspect was also in custody after raids.
Forces from various European countries, including Scotland Yard detectives, worked together on the operation.
The group is accused of taking down companies’ websites and demanding ransoms to stop.
Its name, which stands for Distributed Denial of Service for the online currency Bitcoin, is an apparent reference to its alleged tactics.
In September last year, a report from the net firm Akamai alleged that the group had carried out more than 140 attacks in the previous 10 months on banks, media groups and gaming firms.
Europol said that “key members of the organised network” were tracked to Bosnia-Herzegovina by officers from the Metropolitan Police, who were working with the European Union’s law enforcement agency.
On 15 and 16 December, officers from Austria, Bosnia-Herzegovina and Germany, as well as those from the United Kingdom, worked together to carry out raids.
They were assisted on “Operation Pleiades” by their colleagues from Australia, France and Japan, as well as Romania, USA and Switzerland. The international agency Interpol also helped, Europol said.
In a statement released on Tuesday, it added that the operation “resulted in the arrest of a main target and one more suspect detained. Multiple property searches were carried out and an extensive amount of evidence was seized.”
Europol did not say under which power the second person was detained and a spokesman was not immediately available for comment.
A Distributed Denial of Service attack takes down a website by overwhelming it with traffic. Once a critical point is reached, users will find the site difficult to access. The group is accused of co-ordinating such attacks and demanding money to cease them, thereby allowing normal traffic to flow to the targeted website once more.
The attacks “remain a considerable threat in the European Union and beyond”, Europol said.
“This type of extortion attack has become a well-established criminal enterprise and has affected thousands of victims globally, with the number of unreported incidents believed to be much higher. The absence of reporting by private companies and individuals poses particular difficulties in law enforcement’s efforts to prosecute these cyber-threats.”
It said that the DD4BC group was “exploiting the increasing popularity of pseudonymous payment mechanisms and has been responsible for several Bitcoin extortion campaigns since mid-2014”.
According to police, DD4BC “primarily targeted the online gambling industry, but has recently broadened their activity to the financial services and entertainment sector as well as other high-profile companies. Businesses that pay the ransom to the blackmailers risk appearing vulnerable and being targeted again for a higher amount.”
Wil van Gemert, Europol’s deputy director of operations, said: “These groups employ aggressive measures to silence the victims with the threat of public exposure and reputation damage.”