Russian authorities take down REvil ransomware gang

Suspected members of the cyber criminal REvil ransomware gang have been detained and the group has been dismantled following raids by Russia’s Federal Security Service (FSB), Moscow has said. 

Joint action by the FSB and the Ministry of Internal Affairs of Russia was taken at 25 properties across several regions of Russia, including Moscow, St. Petersburg and Lipetsk, linked to 14 members of the REvil ransomware group.

According to a statement from the FSB, several member of REvil have been detained and charged. Computer equipment has been seized along with cryptocurrency and crypto wallets, as well as over 426 million rubles, $600,000 US dollars and Є500,000 in Euros. It said 20 luxury cars bought with money obtained from ransomware attacks has have also been seized.

SEE: A winning strategy for cybersecurity (ZDNet special report)    

The raids took place following requests from the United States, which has been a major victim of ransomware attacks by REvil.

Previous action has been taken against REvil, including suspected members being arrested in Romania and Ukraine, but the raids by the FSB is the first time Russian authorities have taken action against the group.

One of the most significant alleged REvil attacks targeted Kaseya, an IT solutions developer

Read More: