REvil, the prolific Russian ransomware collective, collapses: 14 more arrests


Fourteen members of the hacker group known as REvil, which drew a great deal of attention last year, were arrested in Russia. The announcement was made today by the FSB, the Kremlin’s secret service agency. A first arrest was made towards the end of last year. REvil was a ransomware collective acting solely for personal gain; it was not affiliated with any political entity or government intelligence force. Between 2020 and 2021 the group landed some very big and widely discussed hits, including:

  • Quanta Computer. A Taiwanese manufacturer of electronic devices for multiple internationally renowned companies, including Apple. REvil released some documents, including schematic drawings of the 14" and 16" MacBook Pros that would be presented a few months later, to show that it was serious and to push Quanta to pay.
  • Acer. The computer manufacturer, also from Taiwan, was asked for a ransom of $50 million in exchange for not leaking data stolen by compromising a Microsoft Exchange server.
  • JBS. The international meat giant was forced to stop all of its beef processing plants and suffered various slowdowns and disruptions at its poultry processing plants. Eventually JBS paid $11 million in ransom.
  • Kaseya. A company that develops software to manage IT networks, systems and infrastructures. The attack caused disruption to more than 1,000 companies that used the software, including supermarket chains and many others. It was this attack that was instrumental in dismantling REvil and putting the authorities on the trail of those responsible.

Around November last year, two individuals, Yaroslav Vasinskyi and Yevgeniy Polyanin, Ukrainian and Russian respectively, were arrested. Authorities had seized over $6.1 million directly attributable to ransomware payments; the two face up to 115 and 145 years in prison, respectively.

The FSB did not disclose the names of the people arrested in today’s operation, but said it had seized other funds, including 426 million rubles (equivalent to 4.9 million euros), 600,000 US dollars and 500,000 euros, as well as digital wallets, IT equipment and as many as 20 luxury cars purchased, the authority says, with the proceeds of cybercrime.