Menu
Browse

Cyber Threat Actor: EUROPOL

Aliases: 3 aliases
Actor Type Location Known Incidents
 Icon
Criminal
Netherlands
1 incident
Profile

The threat actor operates under the aliases EUROPOL, European Police Office, and European Police Agency. Its known location, if any, is the Netherlands. The actor has been described as an international hacking group. On 1 January 2017 the actor was implicated in an intrusion against Microsoft’s networks. This activity placed the technology sector as a confirmed target of the actor. Microsoft stated that no customer data was compromised during the incident. Investigators noted that they were still assessing the full scope of network infiltration at the time. The public reporting does not specify the actor’s strategic objective for the Microsoft breach.

The only technique explicitly referenced for the actor in this incident is the use of unauthorized access to gain an initial foothold. No malware families, specific tools, or tooling styles are mentioned in the source material. Public attribution does not connect the actor to any state sponsor, nor does it identify a criminal consortium with which the group is affiliated. Law‑enforcement partners including regional cyber crime units, the FBI, and EUROPOL collaborated on the response. They seized devices, conducted searches, and pursued charges of computer‑misuse offenses against two individuals arrested in the United Kingdom. Parallel investigative actions were undertaken in other countries as part of a coordinated effort to disrupt the actor’s operations. The Microsoft intrusion is therefore presented as a representative campaign associated with the threat actor.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources