REvil Cyber Ransomware Gang Members Arrested

The Federal Security Service (FSB) of the Russian Federation says it has shut down the REvil ransomware gang after German authorities identified the gang's leader. At least 14 members of the cyber crime group have been arrested following police raids at 25 addresses, the security agency said in a statement.

Raids were conducted at 25 residences owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said they seized more than 426 million roubles, $600,000, and €500,000 in cash, along with crypto currency wallets, computers and expensive cars.

The United States had offered a reward of up to $10m (£7.3m) for information leading to the gang members, following ransomware attacks. Russia's intelligence bureau, the FSB, said the group had "ceased to exist". However, it does not appear that any Russian members of the gang will be extradited to the United States.

According to the Russian state news service Tass, REvil "developed malicious software" and "organised the theft of money from the bank accounts of foreign citizens".

In addition to cash and crypto currency tokens, the Russian authorities confiscated 20 luxury cars purchased with money obtained from cyber attacks, computer equipment and crypto currency wallets used to develop and maintain the criminal operation. "The organised criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralised," the FSB said in a statement.

The Russian announcement comes during a tense confrontation between the United States and Russia over the national integrity of Ukraine, which has been subject to a wave of damaging cyber attacks against government websites.

The FSB has not released the names of any of the suspects. However, the Russian security service says it “established the full composition of the REvil criminal community,” suggesting the main leaders behind the gang have been detained. The gang’s widespread hacking activities prompted US President Joe Biden's administration to order US intelligence agencies to investigate REvil along with other foreign hackers.

Future Ransomware Attacks

There was a turning point in 2021 in the fight against ransomware as the collaboration among law enforcement agencies led to high-profile arrests, and the business of ransomware has become riskier for criminals. Western law enforcement agencies formed dedicated units, including Europol’s Joint Cybercrime Action Task Force or the FBI’s National Cyber Investigative Joint Task Force. This led to breakthrough arrests and the seizure of millions of dollars in crypto currency. However, the bigger these groups become, the more of a target they are for law enforcement.

As a result, cyber criminals are diversifying their methods to avoid detection by using a wider variety of attack vectors. 

Some of the groups are automating their attacks or reducing their reliance on affiliates, partner organisations that help identify and infect targets with their malware. Looking forward, the concentration of ransomware gangs into fewer, more powerful groups means that companies in the private sector must maintain the highest levels of alert.

Sources: TASS, The Record, BBC, WashPo, Vice, Bleeping Computer, PCMag, ZDNet, I-HLS
