In an unprecedented move, Russia's Federal Security Service (FSB) announced the arrest of several members of the notorious REvil ransomware gang on Friday.
The raids were allegedly carried out at the request of US authorities, with law enforcement agencies raiding 25 addresses in the cities of Moscow, St. Petersburg, Moscow, Leningrad and Lipetsk belonging to 14 suspected members of organized cybercrime groups.
"In order to carry out their criminal plan, these individuals developed malware, organized the theft of funds from the bank accounts of foreign citizens and cashed them out, including through the purchase of expensive goods on the Internet," the FSB said in a statement.
In addition, the FSB seized more than 426 million rubles, including cryptocurrency, 600,000 US dollars, 500,000 euros, as well as computer equipment used in crimes, crypto wallets and 20 luxury cars purchased with illegally obtained money.
One of the most active ransomware groups last year, REvil was responsible for high-profile attacks on JBS and Kaseya, among others. The U.S. government told Reuters that one of those arrested was also behind a ransomware attack on Colonial Pipeline in May 2021, reaffirming REvil's ties to another group called DarkSide.
The group officially closed shop in October 2021 after U.S. intervention took its network of darknet servers offline. The next month, Romanian law enforcement authorities announced the arrest of two individuals for being affiliated with the REvil ransomware family, even as the United States charged a 22-year-old Ukrainian citizen associated with the ransomware gang with masterminding the Kaseya ransomware attacks.
All detainees were charged with "illegal circulation of means of payment," a criminal offense punishable by up to six years in prison. The suspects were not named, but Reuters noted that a Moscow court identified two of the men as Roman Muromsky and Andrei Bessonov.
This article is a contributed piece and does not represent the position of the Chief Security Officer. If reproduced, please cite the source: https://cncso.com/en/revil-ransomware-gang-arrested-by-fsb-html