REvil Cyber Ransomware Gang Members Arrested

The Federal Security Service (FSB) of the Russian Federation says it has shut down the REvil ransomware gang after German authorities identified the gang's leader. At least 14 members of the cyber crime group have been arrested following police raids at 25 addresses, the security agency said in a statement.

Raids were conducted at 25 residences owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said they seized more than 426 million roubles, $600,000, and €500,000 in cash, along with crypto currency wallets, computers and expensive cars.

The United States had offered a reward of up to $10m (£7.3m) for information leading to the gang members, following ransomware attacks. Russia's intelligence bureau FSB said the group had "ceased to exist". However, it does not appear that any Russian members of the gang will be extradited to the United States.

According to the Russian state news service Tass, REvil "developed malicious software" and "organised the theft of money from the bank accounts of foreign citizens".

In addition to cash and crypto-currency tokens, the Russian authorities confiscated 20 luxury cars purchased with money obtained from cyber attacks, computer equipment and crypto currency wallets used to develop and maintain the criminal operation. "The organised criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralised," the FSB said in a statement.

The Russian announcement comes during a tense confrontation between the United States and Russia over the national integrity of Ukraine, which has been subject to a wave of damaging cyber attacks against government websites.

The FSB has not released the names of any of the suspects. However, the Russian security service says it “established the full composition of the REvil criminal community,” suggesting the main leaders behind the gang have been detained. The gang’s widespread hacking activities prompted US President Joe Biden's administration to order US intelligence agencies to investigate REvil along with other foreign hackers.

Future Ransomware Attacks

There was a turning point in 2021 in the fight against ransomware as the collaboration among law enforcement agencies led to high-profile arrests, and the business of ransomware has become riskier for criminals. Western law enforcement agencies formed dedicated units, including Europol’s Joint Cybercrime Action Task Force or the FBI’s National Cyber Investigative Joint Task Force. This led to breakthrough arrests and the seizure of millions of dollars in crypto currency. However, the bigger these groups become, the more of a target they are for law enforcement.

As a result, cyber criminals are diversifying their methods to avoid detection by using a wider variety of attack vectors. 

Some of the groups are automating their attacks or reducing their reliance on affiliates, partner organisations that help identify and infect targets with their malware. Looking forward, the concentration of ransomware gangs into fewer, more powerful groups means that companies in the private sector must maintain the highest levels of alert.

Sources: TASS, The Record, BBC, WashPo, Vice, Bleeping Computer, PCMag, ZDNet, I-HLS
