Russia arrests REvil ransomware gang members at request of US officials (January 2022)
More than a dozen members of the REvil ransomware group have been arrested courtesy of the Russian government.
The Biden administration has been pressuring Russia to take ransomware and its perpetrators seriously, especially amid allegations that groups like REvil have operated with at least the tacit permission of the former Soviet Union.
"It's likely that the arrests against REvil members were politically motivated, with Russia looking to use the event as leverage," Morgan said.
"It could be debated that this may relate to sanctions against Russia recently proposed in the U.S., or the developing situation on Ukraine's border. The fact that the FSB targeted REvil, who have not been publicly active in conducting attacks since October 2021, is also significant. Chatter on Russian cybercriminal forums identified this sentiment, suggesting that REvil were 'pawns in a big political game,' while another user suggested that Russia made the arrests 'on purpose' so that the United States would 'calm down.'"
The FSB might have also raided REvil knowing that the group was a high-priority target for the U.S. but that the arrests would have little impact on the current ransomware landscape, Morgan added.
"They've weathered digital attacks and take-downs but always seemed to bounce back. Why? Because digital actions are nothing without arrests of key members of the gang. That being said, REvil is not the first Russian cyber crew to be wiped out by Russian authorities and won't be the last. In the past, when a group gets as large and prolific as this on the global stage, Russia eventually steps in."