
Russia claims it has taken down the notorious REvil ransomware organization

What just happened? Russia’s FSB arrested members of REvil, a ransomware organization that was responsible for numerous cyberattacks in the US over the past year, including the Kaseya attacks. The FSB seized millions in cash and other assets during the arrest.

According to a machine translation of the FSB’s announcement, the Russian agency raided 25 addresses belonging to 14 people. During the raids it seized around 426 million rubles (about $5.6 million), $600,000 USD, 500,000 Euros, computers, crypto wallets, and 20 cars. The FSB accused the suspects of “illegal distribution of means of payment”.

The raids were ordered by the US authorities following a report on one of the group members. That part of the FSB’s announcement may be a reference to Operation GoldDust, in which Romanian police arrested two people linked to REvil last November. In October, German authorities claimed to have identified a REvil member vacationing in the Mediterranean.

Below is a video of the FSB’s REvil raids pic.twitter.com/Oh7Ef2GpQO

— Catalin Cimpanu (@campuscodi) January 14, 2022

Last summer, REvil’s ransomware software was responsible for the cyberattack on business platform Kaseya, which affected hundreds of US businesses. Soon after, President Joe Biden made clear he wanted the Russian government to act on the activities of gangs like REvil that operate from inside Russia. It has been alleged that the country turned a blind eye towards the actions of gangs as long as they didn’t attack any Russian citizens.

A US official told The Washington Post one person the FSB arrested was involved in the Colonial Pipeline cyberattack, which was claimed by another ransomwa
