New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Russian Government Arrests REvil Ransomware Gang Members

In a statement released by the Russian Federal Security Service (FSB), Russian authorities arrested and shutdown the notorious ransomware group REvil. The arrests were made after US authorities reported on the leader of the group to Russia. The FSB released the following statement on the situation. “The basis for the arrest was the appeal of the competent US authorities. US authorities reported the leader of the criminal community and his involvement in encroachments on the information resources of foreign high-tech companies by introducing malicious software, encrypting information, and extorting money funds for its decryption.” Russian authorities detained 14 individuals suspected of being part of the REvil group and confiscated nearly $7 million in cryptocurrency and fiat money. The arrests took place at addresses in Moscow, St. Petersburg, Moscow, Leningrad, and Lipetsk regions. The FSB informed US authorities following the arrests.

Analyst Notes

President Biden has had several discussions with Russian President Vladimir Putin about Russian based criminal groups carrying out cyber attacks on US organizations. Most recently in December when the two world leaders held a video conference surrounding the current tensions at the Ukrainian-Russian border. The US is one of several countries that have asked Putin to act against cyber criminals in Russia, these arrests could be the beginning of a shift in policy by Russia. This is also taking place against a backdrop of a complex geopolitical situation between Russia and the Ukraine and may be a message to world leaders that Russia is willing to be more cooperative. Binary defense analysts will continue to monitor this situation and how it will drastically impact the threat landscape on Russian criminal forums.

https://www.bleepingcomputer.com/news/security/russian-government-arrests-revil-ransomware-gang-members/