REvil has been busted. The Russian government launched a manhunt for members of the hacking group. The FSB, a Russian intelligence agency, announces that 14 members were arrested and charged.
The FSB searched dozens of homes and detained 14 people. The intelligence agency seized 426 million rubles, $600,000, 500,000 euros and 20 vehicles. “The organized crime group has seized to exist. The organization’s IT infrastructure has been neutralized”, the FSB said.
Footage of the arrests was broadcasted by REN TV, a Russian television channel. The footage shows agents detaining suspects and confiscating stacked bills. The arrestees are facing prison terms of up to seven years.
The US government has been hunting REvil for some time. Since November 2021, golden tips on the locations of REvil members are eligible for rewards of up to 10 million dollars.
The FSB says it made the arrests at the request of the US. A source familiar with the matter told Interfax (Russian press) that REvil members with Russian citizenship will not be handed over to the US. Reuters asked the US Embassy in Moscow for a statement. The embassy said it could not comment at this time.
Over the past two years, REvil has claimed multiple victims by developing and spreading ransomware. REvil is responsible for the infamous attack on Kaseya, a developer of management software for MSPs.
Organizations were affected worldwide. Coop, a supermarket chain, closed 800 stores to control the damage of an attack on cash register systems. Several European MSP’s were under fire.
The attack put worldwide intelligence agencies and security organizations on edge. After the incident, REvil vanished. In October 2021, the group’s servers were hacked by a multi-government attack.
Multiple suspects have been arrested in recent months. Two REvil members — Yaroslav Vasinskyi and Yevgeniy Polyanin — were extradited to the US. In November 2021, they were sentenced to prison terms exceeding 100 years. The new Russian arrestees are facing a maximum sentence of seven years.