Russia: FSB Arrests 14 Suspected REvil Ransomware Gang Members in Recent Raid

The Russian government detained the suspects behind the notorious REvil ransomware gang on Friday, Jan. 14, at the request of the US authorities.

The country's Federal Security Service (FSB) announced in a press release that it shut down the hackers' operation after pursuing the culprits at 25 different addresses across Moscow.

FSB Detains REvil Hackers

The recent raid launched by Russia's security team has resulted in the arrest of 14 suspected hackers who operate under REvil.

According to TechCrunch, the pursuit involved chasing the suspects at 25 addresses in several places in the country.

The same group, which attacked Kaseya, Colonial Pipeline, and JBS Foods, had previously exploited other firms from different parts of the world.

Moreover, Tech Times reported months ago that the notorious crew disappeared without a single trace back in July. At that time, experts believed that there was a reason why the group decided to remain silent temporarily.

One possible reason behind this is the lack of members. Some of them could have decided to retire since they already earned a lot of money from their ransomware schemes.

The decision to move against the hacking group came through a request from the US authorities, the agency announced in a statement.

The group is well known for its established tactics of injecting malware into companies' systems and spreading exploits across their networks. However, the authorities found that besides these activities, REvil participated in bank heists that usually target foreigners.

Illegal Circulation of Means of Payment

The government has not yet released the names of every REvil member. They will be charged with involvement in the "illegal circulation of means of payment," an offense under Russian law.

"As a result of joint actions of the FSB and the Ministry of Internal Affairs of Russia, the organized criminal community ceased to exist, the information infrastructure used for criminal purposes was neutralized," the security department said.

Furthermore, the Russian authorities seized the following during the searches, Bleeping Computer wrote:

  • more than 426 million rubles (approximately $5.5 million)
  • 600 thousand US dollars
  • 500 thousand euros (approximately $570,000)
  • 20 luxury cars
  • computers
  • crypto wallets

REvil Decryption Tool For the Ransomware Victims

In September 2021, Tech Times wrote that Bitdefender developed decryption software for REvil malware victims. The good news for them is that it is free of charge.

The cybersecurity company said that it was made possible with the help of an anonymous law enforcement body. Despite releasing the anti-malware tool, Bitdefender still warned people that the group might strike them again at any time.

On Friday, Jan. 14, Ukraine suffered a massive cyberattack in which unknown hackers shut down government websites across the country, per The New York Times.

According to the FSB, REvil has a long record of hacking several establishments in Ukraine. Despite this possibility, the authorities said it was too early to conclude that the group was responsible for the latest incident.

This article is owned by Tech Times

Written by Joseph Henry
