Wednesday, June 19, 2024

FSB arrests REvil ransomware gang members

The Russian Federal Security Service (FSB) said today that it has raided and shut down the operations of the REvil ransomware gang.

Raids were conducted today at 25 residents owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions.

This comes just a day after Ukrainian authorities confirmed they had made arrests including one of an alleged ransomware gang ringleader.

Authorities said they seized more than 426 million rubles, $600,000, and €500,000 in cash, along with cryptocurrency wallets, computers, and 20 expensive cars.

“The detained members of the [organized criminal structure] were charged with committing crimes under Part 2 of Art. 187 ‘Illegal circulation of means of payment’ of the Criminal Code of Russia,” the FSB said in a press release today.

The FSB, which serves as Russia’s internal intelligence agency, said it conducted its operation at the request of US authorities, which were notified of their results.

The raid comes after President Biden and US authorities have pressured Russian President Vladimir Putin repeatedly over the summer to crack down on the Russian underground cybercrime ecosystem, which harbors many of today’s top ransomware crews.

Kaseya attack aftermath

The REvil gang was one of the most active ransomware crews last year, being responsible for the attack against JBS Foods, which impacted the meat supply across the US and Australia in May, and the attack on IT provider Kaseya during the 4th of July weekend.

After US authorities started pressuring Russian officials, the REvil gang shuttered operations in July but then attempted a comeback in September before having some of their dark web servers seized by US authorities.

Recommended:  More than 250 US news sites inject malware in possible supply chain attack

Seven other REvil gang members were also arrested throughout 2021, following operations coordinated by Europol.

The FSB has not released the names of any of the suspects.

“Representatives of the competent US authorities were informed about the results of the operation,” the agency said.

You may also enjoy reading,

FSB Press Release

Return to cybersecurity news


ClosePlease login
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

User Avatar
Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates