REvil hackers were arrested by the FSB on the orders of the United States

On Friday January 14, 2022, the Russian intelligence services (FSB) confirmed having led an operation against the notorious cybercriminal group REvil. Arrests demanded by the United States, to stop one of the largest criminal networks in the world, practicing ransomware attacks.

The end of the reign for REvil?

The FSB specifies that at the time of the searches, 426 million rubles (4.9 million euros), 600,000 dollars and 500,000 euros were seized, as well as cryptocurrency wallets and a twenty luxury cars. Russian intelligence services claim that the entire cybercriminal group has been dismantled.

In the same category

The European Parliament sanctioned for having allowed the transfer of data outside the EU

Russia specifies that the investigation and the arrests were carried out by the competent American authorities. Unprecedented cooperation between the two great world powers, to stop the actions of a cybercriminal network extremely active. The US administration said it was satisfied with the results of this investigation.

REvil was a highly sought after cybercriminal group. The Russian-speaking hackers belonging to this organization made several very important victims. One thinks for example of Quanta, a subcontractor of Apple, or the American subsidiary of the Brazilian group of the JBS meat sector. That’s not all, the DarkSide software, developed by associates of REvil was used for the Colonial Pipeline hack in May 2021…

A long-term job

In the fall, the first arrests of hackers linked to the REvil group took place as part of Operation GoldDust involving 17 countries, including France, as well as Interpol, Europol and Eurojust. At the time, Yaroslav Vasinskyi, a 22-year-old Ukrainian youth particularly wanted for leading the attack on Kaseya in early July 2021, was arrested. As part of this operation, the young pirate had claimed 58 million euros.

At the same time, another Ukrainian, Evgeniy Igorevich Polyanin, had also been charged, without being arrested. He is suspected of having carried out, in 2019, an attack against nearly 40 municipalities in Texas. A few weeks before these first arrests, the American authorities had carried out a cyberattack against REvil.

At the time, Tom Kellermann, head of cybersecurity strategy at VMWare explained that “The FBI, in conjunction with Cyber ​​Command, the Secret Service, and like-minded countries, has carried out significant disruptive actions against these cybercriminal groups”. The White House declined to comment because the operation was still ongoing. Today, REvil seems well and truly down.


Leave a Reply