The Federal Security Service of the Russian Federation (FSB) announced this morning that it has liquidated the operation of the REvil ransomware group, with the arrest of its 14 members: “The organized criminal community has ceased to exist, the information infrastructure used for criminals has been neutralized. Representatives of the relevant US authorities have been informed of the results of the operation,” the agency said in a press release. The REvil group is suspected of a large number of attacks, including the one that hit the Brazilian company JBS.
The arrests, made in coordination with the Investigation Department of the Russian Ministry of Internal Affairs, took place in the cities of Moscow, St. Petersburg, Leningrad and the Lipetsk region.
US arrests hackers linked to REvil, recovers US$ 6 million
REvil gets US nuclear program supplier
A variety of coordinated investigative and operational measures were carried out at 25 addresses in the four locations, leading to the arrest of 14 members of the organized criminal community. More than 426 million rubles were seized, including cryptocurrency (equivalent to US$600,000 or €500,000), as well as computer equipment, cryptographic wallets used to commit crimes, and 20 luxury cars purchased with money obtained from crime.
The search activities were based on the request of US authorities, who denounced the leader of the criminal community and his involvement in hacking into the information resources of foreign high-tech companies, introducing malicious software, encrypting information and extorting money to provide the keys. The Russian FSB has established the complete composition of the “REvil” criminal community and the involvement of its members in the illegal circulation of means of payment and illegal activities.
With information from the press office