Russia Arrests REvil Ransomware Members At U.S. Request

Share post:

In a rare display of cooperation between the U.S. and Russia, Soviet authorities last week launched a sweeping arrest of members of the REVil ransomware gang.

On Friday, the Federal Security Service of the Russian Federation’s partnership with the Ministry of Internal Affairs of Russia resulted in the arrest of 14 people associated with the notorious ransomware group.

In total, 25 residential addresses were searched, which led not only to the arrest of 14 people but also to the seizing of assets of the ransomware gang, which included more than 426 million rubles, €500,000, $600,000 in U.S. dollars, crypto wallets, computer equipment and 20 luxury cars obtained through the gang’s operations.

The court initially identified six men as members of the REvil group: Mikhail Golovachuk, Ruslan Khansvyarov, Dmitry Korotayev, Alexei Malozemov, Artyom Zayets and Daniil Puzyrevsky. They were accused of committing crimes that violated Part 2 of Article 187 “Illegal circulation of means of payment” of the Criminal Code of Russia.

The operation was carried out at the behest of U.S. authorities, and the US was informed of the outcome, according to the FSB.

“The investigative measures were based on a request from the … United States,” the FSB said, according to Reuters. “The organized criminal association has ceased to exist, and the information infrastructure used for criminal purposes was neutralized.”

The group allegedly seized operations last October, when a multi-country operation of law enforcement and cyber experts was able to hack and take control of REvil’s computer network infrastructure. Afterwards, the gang members operated relatively secretly but remained at large.

With the FSB stating that the operation was carried out at the request of the U.S. government, Chris Morgan, senior cyber threats analyst at Digital Shadows, believes that this could be a backhanded message that Russia can in certain circumstances be used to stop ransomware activities.

Morgan added that the FSB may have also carried out raids at REvil, because the arrests would have little impact on the current ransomware landscape, although the gang is a high-profile U.S. target.

For more information, read the original stories in TechRepublic and Reuters.

Featured Tech Jobs


Related articles

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Opposition MPs hammer head of PHAC over ArriveCAN app

Opposition calls $59 million cost and lack of oversight over the ArriveCAN app a "b

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways