REvil Cyber Ransomware Gang Members Arrested

Uploaded on 2022-01-17 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Federal Security Service (FSB) of the Russian Federation say they have shut down the REvil ransomware gang after German authorities identifed the gang the leader. At least 14 members of the cyber crime group have been arrested following police raids at 25 addresses, the security agency said  in a statement 

Raids were conducted at 25 residents owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said they seized more than 426 million roubles, $600,000, and €500,000 in cash, along with crypto currency wallets, computers and expensive cars.

The United States had offered a reward of up to $10m (£7.3m) for information leading to the gang members, following ransomware attacks. Russia's intelligence bureau FSB said the group had "ceased to exist", however, it does not appear that any Russian members of the gang will be extradited to the United States. 

According to the Russian state news service Tass, REvil "developed malicious software" and "organised the theft of money from the bank accounts of foreign citizens".

In addition to cash and crypto-currency tokens, the Russian authorities confiscated 20 luxury cars purchased with money obtained from cyber attacks, computer equipment and crypto currency wallets used to develop and maintain the criminal operation."The organised criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralised," the FSB said in a statement.

The Russian announcement comes during a tense confrontation between the United States and Russia over the national integrity of Ukraine which has been subject to a wave of damaging cyber attacks against government websites.

The FSB has not released the names of any of the suspects. However, the Russian security service says it “established the full composition of the REvil criminal community,” suggesting the main leaders behind the gang have been detained. The gang’s widespread hacking activities prompted US President Joe Biden administration to order US intelligence agencies to investigate REvil along with ither foreig hackers.  

Future Ransomware Attacks

There was a turning point in 2021 in the fight against ransomware as the collaboration among law enforcement agencies led to high-profile arrests, and the business of ransomware has become riskier for criminals. Western law enforcement agencies formed dedicated units, including Europol’s Joint Cybercrime Action Task Force or the FBI’s National Cyber Investigative Joint Task Force. This led to breakthrough arrests and the seizure of millions of dollars in crypto currency, however, the bigger these groups become, the more of a target they are for law enforcement.

As a result, cyber criminals are diversifying their methods to avoid detection by using a wider variety of attack vectors. 

Some of the groups are automating their attacks or reducing their reliance on affiliates, partner organisations that help identify and infect targets with their malware. Looking forward, the concentration of ransomware gangs into fewer, more powerful groups means that companies in the private sector must maintain the highest levels of alert.

TASS:   The Record:     BBC:      WashPo:    Vice:      Bleeping Computer:    PCMag:   ZDNet:     I-HLS:

You Might Also Read: 

North Korean Hackers Stole $400m In Crypto Currency:

 

« Process Sensor Cyber Security Is A Vital Issue
Google Buys Siemplify For $500m »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

NetLib Security

NetLib Security

NetLib Security’s powerful, patented data security platform helps companies control data loss prevention (DLP) by managing what data can be transferred outside of their network.

CYBERSEC Forum

CYBERSEC Forum

CYBERSEC Forum is an annual European Public Policy Conference dedicated to strategic aspects of cybersecurity.

Protergo Cyber Security

Protergo Cyber Security

Protergo Cyber Security is the first integrated provider of cybersecurity solutions in Indonesia. We proactively protect our clients from cyber threats.

Deduce

Deduce

Deduce use a combination of aggregate historical user data, identity risk intelligence, and proactive alerting to deliver a robust identity and authentication solution.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

NACVIEW

NACVIEW

NACVIEW is a Network Access Control solution. It allows to control endpoints and identities that try to access the network - wired and wireless, including VPN connections.

Surfshark

Surfshark

Surfshark is a cybersecurity company focused on developing humanized privacy & security protection solutions to secure people's digital lives.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

GoPlus Security

GoPlus Security

GoPlus is working as the "security infrastructure" for web3, by providing open, permissionless, user-driven Security Services.

Battery Ventures

Battery Ventures

Battery partners with talented founders and teams building category-defining businesses at all stages of growth.

ASMGi

ASMGi

ASMGi is a managed services, security and GRC solutions, and software development provider.

Fescaro

Fescaro

FESCARO is a trusted cybersecurity partner for global automakers and their partners, helping them transition to software-defined vehicles (SDVs) with tailored automotive software solutions.

Defend

Defend

DEFEND are 100% focused on providing managed cybersecurity solutions and services that make a real difference to the cyber resilience of your organisation.