The total number of arrests made concerning Sodinokibi/REvil and GandCrab ransomware is now seven.
Europol launched a multi-agency operation to catch REvil ransomware operators (Ransomware-Evil) based on their findings of an old ransomware strain, GrandCrab, which authorities believe is the predecessor of REvil.
Dubbed Operation GoldDust; around seventeen countries took part in the operation. These include the UK, the USA, France, Australia, and Germany. As a result, five hackers associated with REvil and involved in thousands of cyberattacks have gotten arrested since February 2021.
Europol announced that the suspects are mainly involved in the Sodinokibi/REvil and GandCrab ransomware activities. The total number of arrests made concerning Sodinokibi/REvil and GandCrab ransomware is now seven. The operation involved Europol, Eurojust, and Interpol.
About the Suspects
The suspects arrested under Operation GoldDust include two Romanian citizens arrested by Romanian authorities on 4 November. One suspect was arrested in early October from the Polish border after the US issued an international arrest warrant.
The fourth suspect is a Ukrainian national who allegedly perpetrated the Kaseya attack that impacted around 1500 downstream businesses and attackers demanded €70 million ransom. Kuwaiti authorities arrested a GrandCrab affiliate on 4 November.
Moreover, in February