REvil Cyber Ransomware Gang Members Arrested

The Federal Security Service (FSB) of the Russian Federation says it has shut down the REvil ransomware gang after German authorities identified the gang leader. At least 14 members of the cyber crime group have been arrested following police raids at 25 addresses, the security agency said in a statement.

Raids were conducted at 25 residences owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said they seized more than 426 million roubles, $600,000, and €500,000 in cash, along with crypto currency wallets, computers and expensive cars.

The United States had offered a reward of up to $10m (£7.3m) for information leading to the gang members, following ransomware attacks. Russia's intelligence bureau FSB said the group had "ceased to exist"; however, it does not appear that any Russian members of the gang will be extradited to the United States.

According to the Russian state news service Tass, REvil "developed malicious software" and "organised the theft of money from the bank accounts of foreign citizens".

In addition to cash and crypto-currency tokens, the Russian authorities confiscated 20 luxury cars purchased with money obtained from cyber attacks, computer equipment and crypto currency wallets used to develop and maintain the criminal operation. "The organised criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralised," the FSB said in a statement.

The Russian announcement comes during a tense confrontation between the United States and Russia over the national integrity of Ukraine, which has been subject to a wave of damaging cyber attacks against government websites.

The FSB has not released the names of any of the suspects. However, the Russian security service says it “established the full composition of the REvil criminal community,” suggesting the main leaders behind the gang have been detained. The gang’s widespread hacking activities prompted US President Joe Biden's administration to order US intelligence agencies to investigate REvil along with other foreign hackers.

Future Ransomware Attacks

There was a turning point in 2021 in the fight against ransomware as the collaboration among law enforcement agencies led to high-profile arrests, and the business of ransomware has become riskier for criminals. Western law enforcement agencies formed dedicated units, including Europol’s Joint Cybercrime Action Task Force or the FBI’s National Cyber Investigative Joint Task Force. This led to breakthrough arrests and the seizure of millions of dollars in crypto currency. However, the bigger these groups become, the more of a target they are for law enforcement.

As a result, cyber criminals are diversifying their methods to avoid detection by using a wider variety of attack vectors. 

Some of the groups are automating their attacks or reducing their reliance on affiliates, partner organisations that help identify and infect targets with their malware. Looking forward, the concentration of ransomware gangs into fewer, more powerful groups means that companies in the private sector must maintain the highest levels of alert.

Sources: TASS, The Record, BBC, WashPo, Vice, Bleeping Computer, PCMag, ZDNet, I-HLS
