Russia Arrests REvil – Infosecurity Magazine


Russia claims to have terminated the criminal activities of the REvil ransomware gang and placed its members under arrest.

In an action coordinated by the Federal Security Service of the Russian Federation (FSB) in cooperation with the Investigation Department of the Ministry of Internal Affairs of Russia in the cities of Moscow, St. Petersburg and Lipetsk, searches were carried out made to residential addresses associated with 14 gang members.

During the operation, Russian authorities seized computer equipment, cash and vehicles purchased with the proceeds of crime.

A statement issued today by the Federal Security Service of the Russian Federation (FSB) states that “funds were seized from 25 addresses at the places of residence of 14 members of the organized criminal community: more than 426 million rubles, including in cryptocurrency, 600,000 US dollars, 500,000 euros, as well as computer equipment, crypto wallets used to commit crimes, 20 premium cars purchased with money from the crime.

The FSB said members of the ransomware gang had been arrested and charged with illegal circulation of means of payment.

“As a result of the joint actions of the FSB and the Ministry of Internal Affairs of Russia, the organized criminal community ceased to exist, the information infrastructure used for criminal purposes was neutralized”, reads in the press release.

Russia said the strike against REvil was made in response to a call from the United States and that US authorities had been “informed of the results of the operation”.

The arrests came after unknown hackers targeted Ukrainian government websites early on Friday, blocking access and warning internet users to “expect the worst”.

Former US naval and threat intelligence specialist at Cyware Neal Dennis commented: “When a group becomes as large and prolific as this on the world stage, eventually Russia steps in.

“I don’t think it comes exclusively because the United States asked Russia to carry out the operation.”

Chris Morgan, senior cyber threat intelligence analyst at Digital Shadows, said Russia’s actions could be an attempt to defuse territorial tensions between Russia and the West.

“It is likely that the arrests against REvil members were politically motivated, with Russia seeking to use the event as leverage,” Morgan said.

“It could be debated whether this could be related to the sanctions against Russia recently proposed in the United States, or to the development of the situation on the Ukrainian border.”


About Author

Comments are closed.