Security News

The government of Ukraine on Sunday formally accused Russia of masterminding the attacks that targeted websites of public institutions and government agencies this past week. "All the evidence points to the fact that Russia is behind the cyber attack," the Ministry of Digital Transformation said in a statement.

In an unprecedented move, Russia's Federal Security Service, the country's principal security agency, on Friday disclosed that it arrested several members belonging to the notorious REvil ransomware gang and neutralized its operations. One of the most active ransomware crews last year, REvil took responsibility for high-profile attacks against JBS and Kaseya, among a string of several others.

Eight members of the REvil ransomware operation that have been detained by Russian officers are currently facing criminal charges for their illegal activity. On Friday, the Federal Security Service of the Russian Federation - the country's domestic intelligence service, announced raids at the homes of 14 individuals suspected to be part of the REvil ransomware gang.

Today, the Russian government announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities. While the ransomware gang members are only being charged with "Illegal circulation of means of payment," the arrests are the first public action by Russia to stem the activities of ransomware gangs operating within the country.

Russia's internal security agency said today it had dismantled the REvil ransomware gang's networks and raided its operators' homes following arrests yesterday in Ukraine. Only yesterday five ransomware suspects were arrested in Ukraine, though their gang affiliations were not revealed by local police.

The Russian FSB has identified the entire criminal enterprise known as "REvil". Police raids on 25 addresses in at least Moscow, St. Petersburg, Moscow, Leningrad and Lipetsk.

More than a dozen members of the REvil ransomware group have been arrested courtesy of the Russian government. The Biden administration has been pressuring Russia to take ransomware and its perpetrators seriously, especially amid allegations that groups like REvil have operated with at least the tacit permission of the former Soviet Union.

A "Massive" cyber attack on Ukraine caught the world's eye this morning as the country's foreign ministry said its website, among others, had been taken down by unidentified hackers. Ukraine itself held off on attribution, with a foreign ministry spokesman telling the Reuters newswire it was too early to say who was responsible - but adding Russia has done similar things in the past.

The Federal Security Service of the Russian Federation says that they shut down the REvil ransomware gang after U.S. authorities reported on the leader.REvil ransomware emerged in April 2019 from the void left behind by the shut down of the GandCrab operation.

Russia has stepped up its censorship efforts in the country by fully banning access to the Tor web anonymity service, coinciding with the ban of six virtual private network operators, as the government continues to control the internet and crackdown on attempts to circumvent locally imposed web restrictions. Russia accounts for 15% of all Tor users, with more than 310,000 daily users, second only to the U.S. Tor, short for The Onion Router, enables users to automatically encrypt and reroute their web requests through a network of Tor relays for anonymizing network traffic, as well as help bypass censorship and protect their identities from the internet service providers and the websites they visit.