Russian authorities round up 14 REvil ransomware gang members

Russian authorities have arrested 14 members of the infamous REvil ransomware gang and dismantled the network after a raid across Russian cities Moscow, St. Petersburg and Lipetsk.

Russia’s Federal Security Service (FSB) announced the raid that stopped the illegal activities and said the actions were taken in response to talks with U.S. officials and “the appeal of competent U.S. authorities.”

“As a result of a complex of coordinated investigative and operational search activities, funds were seized at 25 addresses at the places of residence of 14 members of the organized criminal community: over 426 million rubles, including in cryptocurrency, 600 thousand US dollars, 500 thousand euros, as well as computer equipment, crypto wallets used to commit crimes, 20 premium cars purchased with money obtained from crime,” the FSB stated in the report.

Brian Krebs also wrote that Russian authorities may had been spurred into action against the REvil gang to alleviate political pressure over Russian authorities amassing nearly 100,000 troops along the Ukranian border, as well as after Europol announced the arrest of seven REvil members in November, 2021.

Authorities in the U.S., to include the FBI, have repeatedly warned of increased ransomware threats, to include last year’s increasing attacks against the U.S. Food and Agriculture sector, such as the world’s largest global meat producer JBS USA.

Moreover, the REvil gang was also was allegedly behind the Colonial Pipeline ransomware attack that caused the shut down of nearly half of the East Coast’s fuel delivery last May. Colonial Pipeline ended up paying about $4.4 million in bitcoin, of which over half was recovered by U.S. officials the following month.

The cybercriminal group is allegedly the same group behind previous REvil ransomware attacks against VSA Software and Travelex.

Related Articles