Suspected REvil scammers arrested amid ongoing crackdown on ransomware

Written by
Nov 8, 2021 | CYBERSCOOP

Two cybercrime suspects accused of launching 5,000 ransomware attacks and netting roughly $579,000 were arrested by Romanian authorities, Europol announced Monday.

The suspects are sallegedly used the REvil ransomware strain, the malware variant associated with a notorious Russian cybercrime gang that’s been used in a recent string of high-profile international ransomware incidents. REvil was, until recently, perhaps the most commonly used ransomware generating hundreds of millions in revenue for attackers and affiliates.

The Europol arrests coincide with the U.S. Department of Justice’s seizure of $6 million in ransomware payments in connection with REvil activity, according to CNN. Authorities have charged Yevgeniy Polyanin, a Russian national, and Ukrainian Yaroslav Vasinskyi, who’s arrest was first reported by CyberScoop, in connection with deploying REvil ransomware.

The arrests mark the sixth and seventh arrests in an ongoing international law enforcement crackdown on ransomware operators. Since February, Europol said, three REvil affiliates have been arrested, along with two suspects connected to GandCrab, a formerly prolific strain of malware. Earlier arrests happened elsewhere in Europe, South Korea and Kuwait.

The arrests are part of Operation GoldDust, which involves 17 countries, including the United States, in a

Read More: