Russian authorities take down REvil ransomware gang
Russia’s Federal Security Service (FSB), the country’s principal security agency, disclosed that it arrested several members of the notorious REvil ransomware gang and neutralized its operations.
In a surprise operation by the FSB and the Ministry of Internal Affairs of Russia, raids were conducted at 25 properties across several regions of Russia, including Moscow, St. Petersburg and Lipetsk, belonging to 14 suspected members of the REvil ransomware group.
According to a statement from the FSB, several members of REvil have been detained and charged.
Computer equipment has been seized along with cryptocurrency and crypto wallets, over 426 million rubles, $600,000 US dollars and Є500,000 in Euros. 20 luxury cars bought with money obtained from ransomware attacks has have also been seized.
The raids were conducted following requests from the United States, which has been a major victim of ransomware attacks by REvil also known as Sodinokibi.
Previous action has been taken against REvil, including suspected members being arrested in Romania and Ukraine, but it is the first time Russian authorities have taken action against the group.
One of the most significant alleged REvil attacks targeted Kaseya, an IT solutions developer for MSPs and enterprise clients. REvil was also accused for a major ransomware attack against food supplier JBS, which paid $11 million in Bitcoin to the attackers in exchange for the key required to decrypt the network.
This development comes amid news of a series of cyberattacks in Ukraine that brought down websites belonging to several government agencies, including the country’s Ministry of Education and its Ministry of Foreign Affairs.
The post Russian authorities take down REvil ransomware gang first appeared on Cybersafe News.
