Russia 'Dismantles' REvil Ransomware Group After Raids

7 months ago

The FSB raided the homes of 14 organized criminals — seizing cash and cryptocurrencies worth millions of dollars, computers, digital wallets, and 20 high-end cars.

Russia says it has dismantled the REvil ransomware group after a series of raids across the country.

In a statement, the security service said the raids followed a request by U.S. law enforcement, who had identified REvil's leader and his involvement in infiltrating the IT systems of major companies "by introducing malicious software, encrypting information and extorting money for its decryption."

The statement said FSB representatives had "established the full composition of the REvil criminal community," adding:

"In order to implement the criminal intent, these persons developed malicious software, organized the theft of funds from the bank accounts of foreign citizens and their cashing out, including by purchasing expensive goods on the Internet."

Declaring that REvil no longer poses a threat, the statement continued:

"The organized criminal community ceased to exist, the information infrastructure used for criminal purposes was neutralized."

A Notorious Group

During its time, REvil stole close to a terabyte of files from a law firm representing A-list celebrities including Lady Gaga and Madonna. It also disrupted the operations of JBS S.A. — the largest meat processing company in the world — resulting in the temporary shutdown of its beef plants in the U.S. JBS ended up paying $11 million in BTC to the hackers.

Further disruption came over the summer when REvil infiltrated the systems of IT firm Kaseya, which ended up having a knock-on effect on businesses around the world. One supermarket chain in Sweden ended up having to close 800 stores for several days.

Back in July 2021, Joe Biden had told Vladimir Putin that he expected Russia to do more to stop REvil — and in late November, the FBI ended up seizing 39 BTC from the crypto wallet of a man who was allegedly involved in the attacks.

At the time, court filings stated that REvil had extracted more than $200 million in payments from victims.

Unfortunately, there are no guarantees that the FSB has arrested everyone who was involved in this ransomware group.

While REvil was responsible for developing the malicious software that would encrypt a victim's files — as well as the infrastructure where ransomware payments would be made — affiliates were responsible for performing the hacks and stealing the data.

And although these arrests are significant, it's highly likely that the cybercriminals who haven't been caught will end up continuing their illegal activities under a new name.

One analyst told The Wall Street Journal that law enforcement agencies need to keep up their current momentum if other gangs are going to be discouraged. Netenrich's principal threat hunter John Bambenek told the publication:

"The effect that this will have on the scale of ransomware attacks moving forward will depend on if this is a one-off, or if more arrests happen. One arrest a month for a few months, then all of these guys will start to re-evaluate their life choices."
