Security News > 2021 > November > Suspected REvil Ransomware Affiliates Arrested in Global Takedown

Romanian law enforcement authorities have announced the arrest of two individuals for their roles as affiliates of the REvil ransomware family, dealing a severe blow to one of the most prolific cybercrime gangs in history.

The suspects are believed to have orchestrated more than 5,000 ransomware attacks and extorted close to $600,000 from victims, according to Europol.

The arrests, which happened on November 4, are part of a coordinated operation called GoldDust, which has resulted in the arrest of three other REvil affiliates and two suspects connected to GandCrab in Kuwait and South Korea since February 2021.

In all, the seven suspects linked to the two ransomware families are said to have targeted about 7,000 victims, while collectively demanding more than €200 million in digital ransoms.

Short for Ransomware Evil, REvil is seen as the successor of GandCrab and has been linked to a number of high-profile ransomware attacks subsequent to its emergence in the threat landscape in 2019.

That said, REvil has had a turbulent few months in the wake of Kaseya ransomware attacks, not least in part fuelled by a series of steps taken by governments around the world to tackle the ransomware ecosystem, calling it an "Escalating global security threat with serious economic and security consequences." On July 14, the dark web data leak portals owned by the group went off the grid, only to make a reappearance in September after a two-month break.

News URL

https://thehackernews.com/2021/11/suspected-revil-ransomware-affiliates.html