REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.

International law enforcement is squeezing REvil affiliates out of hiding, but the underground is shrugging it off: They know that Russia won’t touch a hair on the heads of the Russian ransomware operators, experts say.

On Monday, Europol announced the arrest of a total of seven suspected REvil/GandCrab ransomware affiliates – one of which is a Ukrainian charged by the United States with ransomware assaults that include the Kaseya attacks attributed to REvil.

To put the news into perspective, affiliates are a dime a dozen: They’re the cybercriminals that rent out ransomware in the ransomware-as-a-service (RaaS) economy, not the masterminds who hide away in sympathetic countries like Russia.

Late last month, Germany identified an alleged core REvil operator, but all that German authorities can do is clutch their arrest warrant and wait for the Russian billionaire to leave the safety of the motherland. Don’t hold your breath, experts say: The crooks know which countries have extradition agreements and which don’t.

DOJ Seizes $6.1M in Ransom Profits

On Monday, U.S. Department

Read More: https://threatpost.com/revil-affiliates-arrested-doj-europol/176087/