The Russian government announced it arrested 14 people associated with the hacker group REvil on Friday. REvil was identified as the most aggressive ransomware group in the first half of 2021. They were associated with the Colonial Pipeline attack that forced the shutdown of a major US fuel pipeline and created gas shortages across the southeast of the country. The group was also associated with the ransomware attack on JBS Foods that extorted $11 million from the US-based company.
The group went offline in July of 2021, only to return a few months later. The FBI successfully hacked into the criminal servers after they came back online in September to gather intelligence on the organization. The arrests are the first time Russia has taken action against hackers at the request of the US. The identities of those arrested were not released, but the arrests took place in Moscow, St. Petersburg, and the Lipetsk region. Russian FSB agents seized $6.8 million in various currencies, including $600,000 USD and 500,000 euros, as well as 20 premium vehicles, computer equipment, and cryptocurrency wallets.
While the raid is being praised in the cybersecurity community, the timing is viewed as suggesting ulterior motives. The arrests come at a time of increased tension at the border of Ukraine, and talks with the US and NATO have failed to de-escalate the situation. Additionally, Ukrainian government websites were defaced Friday with the message “Be afraid and expect the worst.”
Cybersecurity experts are hopeful that the move marks a turning point in Russia’s involvement with ransomware criminals. There is also optimism that the raid will put other hacker groups on notice that the era of indifference from the government has come to an end.