The takedown is a rare case of cooperation between the US and Russia at a time of tension between the two countries over Ukraine. According to a senior official, the US welcomed the arrest, adding that “we know of one of the individuals arrested today in connection with the ransomware attack against the Colonial Pipeline last spring.”
In May 2021, encryption software called DarkSide, developed by REvil associates, was used to attack the Colonial Pipeline, leading to widespread gas shortages on the US East Coast.
Police and the FSB searched 25 addresses, arrested 14 people and listed the property they seized, including 426 million rubles, $600,000, 500,000 euros, computer equipment and 20 luxury cars. A court in Moscow, Russia, has identified two of the arrested men as Roman Muromsky and Andrei Bessonov. The two will be detained for two months.
The FSB said Russia had directly told Washington authorities about the moves it was taking against the group. The US Embassy in Moscow was not immediately available for comment. “The investigative measure is based on a request from the US. The organized crime group has ceased to exist, and the information infrastructure used for criminal purposes has been disabled,” the FSB said.
Members of the group have been charged and could face up to seven years in prison. A source with knowledge of the case said that REvil members with Russian citizenship will not be handed over to the US.
In November 2021, the US offered a reward of up to 10 million USD for information that helps identify or locate anyone holding a key position in the REvil group. The US has been hit by a series of high-profile cases in which cybercriminals sought large ransoms.
In June 2021, a source familiar with the matter told Reuters that REvil was suspected of being the group behind the ransomware attack on the world’s largest meat company, JBS SA. In the past, the Washington government has repeatedly accused the Russian state of being involved in malicious activity on the internet, but Russia has denied it.