Security News > 2021 > November > REvil ransomware affiliates arrested in Romania and Kuwait
Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates on November 4, both of them allegedly responsible for infecting thousands of victims.
On the same day, Kuwaiti authorities also arrested a GandGrab ransomware affiliate, the three of them being suspected of roughly 7,000 attacks and of asking more than €200 million in ransoms.
Authorities arrested seven suspects linked to REvil and GandGrab this year in total.
Three other individuals believed to be REvil affiliates were apprehended in South Korea in February, April, and October, and one was arrested in Europe last month.
The announcement, made today by Europol, says the arrests are the results of operation GoldDust, which involved law enforcement agents from 17 countries, the Europol, Eurojust, and the INTERPOL. "Since 2018, Europol has supported a Romanian-led investigation which targets the GandCrab ransomware family and involved law enforcement authorities from a number of countries, including the United Kingdom and the United States," the Europol said.
Their Ransomware-as-a-Service operations can easily be disrupted by arresting ransomware affiliates located all over the world.