Russian authorities on January 14 announced the arrest of over a dozen alleged members of the REvil hacking group, which is accused by the United States of involvement in a number of high-profile ransomware attacks.
In May 2021, REvil hackers were blamed for crippling the operations of the Colonial Pipeline, the largest fuel pipeline in the US, and for attacking the digital infrastructure of JBS, the world’s highest-volume meat processor. Two months later, REvil took credit for additional cyberattacks that impacted hundreds of businesses in the US and abroad, demanding cryptocurrency payments to restore computer systems.
Friday’s announcement by Russia’s Federal Security Service (FSB) was apparently a rare example of cooperation between Washington and Moscow. The FSB said it began an investigation into the group after being provided with information from “competent US agencies that notified about a criminal group leader and the group’s involvement in attacks on IT resources of foreign high-tech companies by implanting malware, encrypting data and extorting money for its decryption,” according to Russian news agency TASS.
The FSB said it raided 25 addresses linked to 14 alleged members of REvil, seizing “more than 426 million rubles ($5.6 million) including in cryptocurrency; 600,000 US dollars; 500,000 euros; as well as computer equipment, crypto wallets that were used to perpetrate crimes, and 20 luxury cars that were purchased with illicitly obtained money.”
Credit: FSB via Storyful