
Russia arrests 14 REvil ransomware gang suspects • The Register

Written by publisher team

Russia’s internal security agency said today it has dismantled the networks of the REvil ransomware gang and raided the homes of its operators, following yesterday’s arrests in Ukraine.

The Federal Security Service (FSB) said in a statement that it “at the request of the relevant US authorities” raided 25 addresses that appeared to belong to “14 members of an organized criminal group”.

This “community” is called REvil, the Russian law enforcement agency said. A translation of the FSB statement reveals that the 14 people were charged under Article 187 of the Russian Criminal Code, which deals with the “unlawful turnover of means of payment”.

“As a result of the joint actions of the Federal Security Service and the Ministry of Internal Affairs of Russia, the organized criminal community no longer exists, and the information infrastructure used for criminal purposes has been neutralized,” the FSB concluded, declaring victory.

The raids come amid a flurry of website hacking in Ukraine this morning and after months of US pleas, as ransomware gangs made huge sums of money by attacking Western targets and encrypting their IT infrastructure. Only yesterday five ransomware suspects were arrested in Ukraine, although their gang affiliations were not disclosed by local police.

It seems unlikely that the Russian REvil members will be extradited to the United States for trial. Then again, few might have expected Russia to arrest members of the ransomware gang before today.

Joseph Carson, Chief Security Scientist at ThycoticCentrify, said: “Many hackers around the world are using their skills for good, and this includes government hackers working hard to defend society from cybercrime, so targeting REvil is likely a statement that governments will work together to stop cybercriminals at the source.”

Last summer, US President Joe Biden asked his Russian counterpart Vladimir Putin to put “some critical infrastructure…off limits” to ransomware gangs.

A few weeks after that summit, the two leaders agreed to take coordinated action, though skepticism was high at the time. Seemingly supporting those suspicions, a two-day cyber security summit focused on ransomware was held in October without Russia in attendance.

Kev Breen, Director of Cyber Threat Research at Immersive Labs, thought there was more to it than meets the eye.

“The most interesting thing about these arrests is the timing. For years, the Russian government’s policy on cybercriminals has been less than proactive to say the least – so such action must be evaluated in the broader geopolitical context. With Russia and the United States currently at the diplomatic table, these arrests are likely part of a much broader, multi-layered political negotiation.”

So who are REvil?

REvil (also known as Sodinokibi) was one of the most notorious ransomware gangs in history. Having targeted everything from US nuclear weapons contractors to small and medium businesses like Kaseya to British VoIP service providers, the high-profile racketeering operation could have been busted ten times over had it been based anywhere other than Russia.

Money (in the form of cryptocurrency) stolen by ransomware gangs has been spent in Russia, with gang members flaunting their illicit wealth through flash cars, homes, and consumer goods.

Trend Micro said that the REvil ransomware, also known as Sodinokibi, was first discovered in April 2019 and was delivered through the same mechanisms used by the older GandCrab ransomware, which itself dates back only to 2018. It came to The Reg’s attention in May 2019 after Cisco Talos saw it exploiting one of Oracle’s WebLogic products.

The gang has since risen to infamy, using the double-extortion method (pay once to decrypt your forcibly encrypted files, pay again to prevent copies from being distributed to others) and cryptocurrency to reap millions from unsuspecting victims, helped in part by its affiliate structure and its willingness to target anyone, despite unfulfilled promises at the start of the COVID-19 pandemic.

The exact reasons for the Russians targeting REvil and none of the other gangs operating from their regions are not yet known, although, given the state of Russian-American diplomatic relations, it seems likely that American concessions may have played a role. Given the FSB’s boast that REvil’s infrastructure was shut down completely, following an FBI-led operation in July 2021, it may be because law enforcement authorities wanted to send a long-awaited message to other local hackers. ®


The footage released by the state information agency TASS appears to show FSB heavies sitting on men in boxer shorts and later talking to the handcuffed captives. It also shows a staged door-kicking scene, in which a visibly open apartment door swings wide amid an excited stampede, only to reveal a group of previously arrested people sitting on the floor. This kind of comedic shot is a regular feature of law enforcement PR in countries of the former Soviet Union.
