REvil Cyber Ransomware Gang Members Arrested

Uploaded on 2022-01-17 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Federal Security Service (FSB) of the Russian Federation say they have shut down the REvil ransomware gang after German authorities identifed the gang the leader. At least 14 members of the cyber crime group have been arrested following police raids at 25 addresses, the security agency said  in a statement 

Raids were conducted at 25 residents owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said they seized more than 426 million roubles, $600,000, and €500,000 in cash, along with crypto currency wallets, computers and expensive cars.

The United States had offered a reward of up to $10m (£7.3m) for information leading to the gang members, following ransomware attacks. Russia's intelligence bureau FSB said the group had "ceased to exist", however, it does not appear that any Russian members of the gang will be extradited to the United States. 

According to the Russian state news service Tass, REvil "developed malicious software" and "organised the theft of money from the bank accounts of foreign citizens".

In addition to cash and crypto-currency tokens, the Russian authorities confiscated 20 luxury cars purchased with money obtained from cyber attacks, computer equipment and crypto currency wallets used to develop and maintain the criminal operation."The organised criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralised," the FSB said in a statement.

The Russian announcement comes during a tense confrontation between the United States and Russia over the national integrity of Ukraine which has been subject to a wave of damaging cyber attacks against government websites.

The FSB has not released the names of any of the suspects. However, the Russian security service says it “established the full composition of the REvil criminal community,” suggesting the main leaders behind the gang have been detained. The gang’s widespread hacking activities prompted US President Joe Biden administration to order US intelligence agencies to investigate REvil along with ither foreig hackers.  

Future Ransomware Attacks

There was a turning point in 2021 in the fight against ransomware as the collaboration among law enforcement agencies led to high-profile arrests, and the business of ransomware has become riskier for criminals. Western law enforcement agencies formed dedicated units, including Europol’s Joint Cybercrime Action Task Force or the FBI’s National Cyber Investigative Joint Task Force. This led to breakthrough arrests and the seizure of millions of dollars in crypto currency, however, the bigger these groups become, the more of a target they are for law enforcement.

As a result, cyber criminals are diversifying their methods to avoid detection by using a wider variety of attack vectors. 

Some of the groups are automating their attacks or reducing their reliance on affiliates, partner organisations that help identify and infect targets with their malware. Looking forward, the concentration of ransomware gangs into fewer, more powerful groups means that companies in the private sector must maintain the highest levels of alert.

TASS:   The Record:     BBC:      WashPo:    Vice:      Bleeping Computer:    PCMag:   ZDNet:     I-HLS:

You Might Also Read: 

North Korean Hackers Stole $400m In Crypto Currency:

 

« Process Sensor Cyber Security Is A Vital Issue
Google Buys Siemplify For $500m »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Aurec

Aurec

Aurec provides specialist recruitment and contracting services including ICT professionals.

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium was created to encourage use-inspired research, training and technology awareness in cybersecurity.

Ideagen

Ideagen

Ideagen provides information management, safety, risk and compliance software solutions that allow organisations to achieve operational excellence, regulatory compliance and reduce risk.

Steganos

Steganos

Steganos offers highly secure and easy to use software tools that protect and secure on and offline data.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

IFE Digital Systems

IFE Digital Systems

IFE Digital Systems conducts research, development and consultancy in risk, safety and security related to digital systems in critical infrastructure.

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Civic Technologies

Civic Technologies

Civic’s Secure Identity Platform (SIP) uses a verified identity for multi-factor authentication on web and mobile apps without the need for usernames or passwords.

Resistant AI

Resistant AI

Resistant AI protects against evolving online fraud. We connect the dots to provide a new layer of trust and performance for our clients’ systems.

Concentric

Concentric

Concentric Data Risk Monitoring and Protection. Deep Learning to discover, monitor and remediate risks to sensitive data on-premises and in the cloud.

Privacyware

Privacyware

Privacyware's ThreatSentry combines a state-of-the-art Web Application Firewall and port-level firewall with advanced behavioral filtering to block unwanted IIS traffic and web application threats.

SilverSky

SilverSky

SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Custard Technical Services

Custard Technical Services

Custard provide Network Security for all types of businesses across many industries, helping to keep them safe and secure.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

Leapfrog Services

Leapfrog Services

Leapfrog offers outsourced managed IT + cybersecurity services that are scalable, aligned, and fit easily into your business model.