The FSB raided the homes of 14 organized criminals — seizing cash and cryptocurrencies worth millions of dollars, computers, digital wallets, and 20 high-end cars.
Russia says it has dismantled the REvil ransomware group after a series of raids across the country.
In a statement, the security service said the raids followed a request by U.S. law enforcement, who had identified REvil's leader and his involvement in infiltrating the IT systems of major companies "by introducing malicious software, encrypting information and extorting money for its decryption."
FSB representatives "established the full composition of the REvil criminal community," adding:
"In order to implement the criminal intent, these persons developed malicious software, organized the theft of funds from the bank accounts of foreign citizens and their cashing out, including by purchasing expensive goods on the Internet."
Declaring that REvil no longer poses a threat, the statement continued:
"The organized criminal community ceased to exist, the information infrastructure used for criminal purposes was neutralized."
A Notorious Group
Unfortunately, there are no guarantees that the FSB has arrested everyone who was involved in this ransomware group.
While REvil was responsible for developing the malicious software that would encrypt a victim's files — as well as the infrastructure where ransomware payments would be made — affiliates were responsible for performing the hacks and stealing the data.
And although these arrests are significant, it's highly likely that the cybercriminals who haven't been caught will end up continuing their illegal activities under a new name.
"The effect that this will have on the scale of ransomware attacks moving forward will depend on if this is a one-off, or if more arrests happen. One arrest a month for a few months, then all of these guys will start to re-evaluate their life choices."