REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom
2021-11-09 00:01

The DOJ said that the money was traced back to alleged ransom payments received by Yevgeniy Polyanin, 28, a Russian national, who's also been charged with REvil ransomware attacks against multiple victims, including businesses and government entities in Texas on or about Aug. 16, 2019.

Romanian authorities arrested two suspected REvil operators who they suspect are behind 5,000 infections and who've allegedly pocketed half a million euros in ransom payments.

In Monday's announcement, Europol said that this brings the tally of REvil/GandCrab arrests to five since February 2021: three other REvil affiliates have been arrested, plus two suspects allegedly linked to REvil's successor, GandCrab.

Some in the cybercriminal underground thought that REvil may have taken its servers down on purpose, while others speculated that the main REvil spokesperson - "Unknown" - had either disappeared or died.

On top of the news from the DOJ and Europol, Monday was a jubilant REvil pigpile as Bitdefender released results of its universal REvil decryptor, announcing that so far, it's saved companies over $550 million in ransom fees.

In September, word got out that REvil operators screwed the gang's own affiliates out of ransom by using double chats and a backdoor to hijack the payments.


News URL

https://threatpost.com/revil-affiliates-arrested-doj-europol/176087/