Security News
Russia's internal security agency said today it had dismantled the REvil ransomware gang's networks and raided its operators' homes following arrests yesterday in Ukraine. Only yesterday five ransomware suspects were arrested in Ukraine, though their gang affiliations were not revealed by local police.
The Russian FSB has identified the entire criminal enterprise known as "REvil". Police raided 25 addresses in at least Moscow, St. Petersburg, Moscow, Leningrad and Lipetsk.
More than a dozen members of the REvil ransomware group have been arrested courtesy of the Russian government. The Biden administration has been pressuring Russia to take ransomware and its perpetrators seriously, especially amid allegations that groups like REvil have operated with at least the tacit permission of the former Soviet Union.
Russia's Federal Security Service has swooped in to "liquidate" the REvil ransomware gang, it said on Friday. The move comes two weeks after a high-stakes phone call between Russian President Vladimir Putin and U.S. President Joe Biden, who has been calling for action against Russia-dwelling ransomware gangs for months.
The Federal Security Service of the Russian Federation says that they shut down the REvil ransomware gang after U.S. authorities reported on the leader. REvil ransomware emerged in April 2019 from the void left behind by the shutdown of the GandCrab operation.
The Federal Security Service of the Russian Federation says that they shut down the REvil ransomware gang after U.S. authorities reported on the leader. More than a dozen members of the gang have been arrested following police raids at 25 addresses, the Russian security agency says in a press release today.
A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. While Bitdefender could not share details about how they obtained the master decryption key or the law enforcement agency involved, they told BleepingComputer that it works for all REvil victims encrypted before July 13th. "As per our blog post, we received the keys from a trusted law enforcement partner, and unfortunately, this is the only information we are at liberty to disclose right now," Bitdefender's Bogdan Botezatu, Director of Threat Research and Reporting, told BleepingComputer.