Final blow to REvil: Russia claims it has dismantled the dangerous ransomware group

On By Garmin Philip

The Russian Federal Security Service (FSB) announced this Friday that arrested REvil members and neutralized the criminal infrastructure associated with their ransomware crimes. As a consequence of these actions, he points out, “the organized criminal community has ceased to exist.”

What Explain the Russian federal body on its website, arrest activities and seizures were made after a request from the United States, but it was the FSB who, in cooperation with other state departments, managed to establish “the full composition” of the gang.

Blow to REvil and message to other ransomware gangs

The coordinated operation aimed 25 addresses distributed in Moscow, St. Petersburg, Leningrad and Lipetsk, that were associated with 14 suspected members of the REvil cybercriminal gang.

Authorities say they seized more than 426 million rubles and 500,000 euros, as well as 600,000 dollars in cash. Also cryptocurrency wallets, computers and 20 high-end cars “bought with money obtained from crime”.

What's the difference: Malware, Viruses, Worms, Spyware, Trojans, Ransomware, etc?

The FSB has not provided the names or the number of individuals arrested in the operation, but has said that they will be charged with committing crimes of “illegal circulation of means of payment.” under the orbit of the Criminal Code of Russia.

At the moment it is unknown if those arrested will be transferred to the United States. However, the Russian authorities say that their American counterparts informed about the results of the operation.

“As a result of the joint actions of the FSB and the Russian Interior Ministry, the organized criminal community ceased to exist, the infrastructure was neutralized of information used for criminal purposes.

A band that has been falling apart

The United States was one of the worst victims of REvil’s actions. cyber criminals attacked part of the country’s critical infrastructure targeting the Colonial Pipeline pipeline company.

U.S

Later it was the turn of JBS, a multinational in the food industry, and Kaseya, a software company that provides services to more than 40,000 corporate clients worldwide.

What is Ransomware and how can you protect yourself from it?

However, after this latest attack, the FBI managed to compromise a REvil backup that was not isolated from the system and, in a joint operation with several countries, in October 2021 it left the group without the ability to continue operating at that time.

Later, in November, as part of Operation GoldDust, Interpol arrested seven suspected crackers, including the alleged perpetrator of the ransomware attack on the technology company Kaseya, linked to REvil.

Now it only remains to wait to find out if this really is the end of Revil as a band, since the hierarchy of members detained by the FBS is still unclear. They could be leaders or lower-level members.

Via | Reuters

Images |Unsplash (1 Y 2 )

Reference-www.xataka.com