Another setback for REvil. But this time, the arrests have taken place in Russia: Russian intelligence today announced the arrest of several people accused of being members of the REvil ransomware group, as well as the dismantling of the infrastructure used by the group for its attacks.
In a press release, the Federal Security Service of the Russian Federation (FSB) announced that it had carried out an operation that allowed it to identify the members of the cybercriminal group and to search their residences. According to the FSB, these raids led to the seizure of significant sums of money: 426 million Russian rubles, 600,000 dollars and 500,000 euros in cash, as well as various computers, cars and electronic wallets used to store cryptocurrencies.
The Russian authorities do not give the exact number of people detained, but indicate that the suspects are accused of payment fraud.
The group had been keeping a low profile since November.
The FSB press release recalls that this action comes after the accusations presented by the US justice system, which had identified several members of the REvil group and accused them of several ransomware computer attacks.
In November 2021, the US justice system revealed accusations against a Ukrainian citizen and a Russian citizen, accused of being behind attacks attributed to the REvil/Sodinokibi group. The Ukrainian citizen was arrested by the police, while the Russian citizen was not detained. Europol had also announced the arrest of seven suspects linked to the REvil/Sodinokibi and GandCrab groups on the same date.
A few days before the arrests, a government coalition had already committed to dismantling the infrastructure used by the group for its operations. Since that date, the cybercriminal group had kept a low profile, but members of the group residing in Russia had not been troubled.
A particularly prolific ransomware group
The REvil/Sodinokibi group has been one of the most active ransomware groups of the last two years.
In particular, it is blamed for the attacks against the American managed services provider Kaseya, but also for the ransomware attacks that paralyzed the agri-food giant JBS and the attack against the French group Pierre Fabre in April 2021.