Security News > 2022 > January > Russia arrests REvil ransomware gang members at request of US officials
More than a dozen members of the REvil ransomware group have been arrested courtesy of the Russian government.
The Biden administration has been pressuring Russia to take ransomware and its perpetrators seriously, especially amid allegations that groups like REvil have operated with at least the tacit permission of the former Soviet Union.
"It's likely that the arrests against REvil members were politically motivated, with Russia looking to use the event as leverage," Morgan said.
"It could be debated that this may relate to sanctions against Russia recently proposed in the U.S., or the developing situation on Ukraine's border. The fact that the FSB targeted REvil, who have not been publicly active in conducting attacks since October 2021, is also significant. Chatter on Russian cybercriminal forums identified this sentiment, suggesting that REvil were 'pawns in a big political game,' while another user suggested that Russia made the arrests 'on purpose' so that the United States would 'calm down.'".
The FSB might have also raided REvil knowing that the group was a high-priority target for the U.S. but that the arrests would have little impact on the current ransomware landscape, Morgan added.
"They've weathered digital attacks and take-downs but always seemed to bounce back. Why? Because digital actions are nothing without arrests of key members of the gang. That being said, REvil is not the first Russian cyber crew to be wiped out by Russian authorities and won't be the last. In the past, when a group gets as large and prolific as this on the global stage, Russia eventually steps in."