Level 22
Malware Hunter
Polish law enforcement announced on Friday the arrest of Tomasz T., a well-known cyber-criminal believed to be the author of the Polski, Vortex, and Flotera ransomware strains.

The arrest took place on Wednesday, March 14, in the Polish town of Opole, while Tomasz —a Polish national living in Belgium— was visiting his native country.

Authorities recovered encryption keys
Polish infosec experts had been tracking Tomasz for years, and Polish police were ready at the time of his arrest. Working through Europol, Polish police alerted their Belgium counterparts, who searched his house and seized computer equipment.
Tomasz "Armaged0n" T. was active since 2013
An assortment of people have been tracking this prodigious cybercriminal. According to prosecutors, the suspect has been active since 2013, when he first started targeting users via a banking trojan that would replace bank account numbers in users' clipboards with one of his own, so to receive undeserved bank transfers.

Since the start of 2017, police say Tomasz shifted operations to ransomware. He first created the Polski ransomware in late January, moved on to the Vortex strain in March, and then to the Flotera strain later in the same month.