Russia’s FSB ‘shuts down’ notorious REvil ransomware gang

DMCA / Correction Notice
- Advertisement -

Russian Federal Security Service (FSB) announced On Friday, it closed the operations of the infamous Revil ransomware gang by conducting raids.

- Advertisement -

In the unprecedented move – which will undoubtedly send a message to other ransomware groups operating out of the country – Russian authorities raided 25 addresses in the Moscow, St Petersburg, Leningrad and Lipetsk regions that belonged to 14 suspected members. Revil.

The gang is believed to have ceased operations in July, but before its unsuccessful withdrawal in September, is believed to have carried out some of the most damaging attacks of the past 12 months, including those targeting the Colonial Pipeline. were involved. JBS Foods and American technology firm Kasia


The FSB said it confiscated 426 million rubles and €500,000 (about $6 million), as well as $600,000 in cash, and cryptocurrency wallets, computers and 20 high-end cars.

In a statement, the FSB said it conducted the search at the request of US officials, who were informed of their results.

- Advertisement -

The detained members of the ransomware gang were charged under Russian law for alleged “illegal circulation of means of payment”. Russian officials have not released the names of any of the suspects.

“As a result of the joint actions of the FSB and the Ministry of Internal Affairs of Russia, the organized criminal community ceased to exist, the information infrastructure used for criminal purposes was neutralized,” the FSB said in a statement.

News of the FSB’s surprise operation comes two months after the US Justice Department accused a 22-year-old Ukrainian national linked to the Revil ransomware gang of orchestrating a ransomware attack against US technology firm Kasya in July. Seven other members of the Reville gang were also arrested throughout 2021 following a coordinated operation by Europol. In July, President Biden urged Russia to follow suit, pressuring Russian President Vladimir Putin to take action to disrupt these criminal gangs.

The action by the FSB comes just hours after a major cyberattack in Ukraine on Friday took down government websites including websites for the Foreign Ministry, the National Security and Defense Council and the Cabinet of Ministers of State. Officials said it was too early to draw any conclusions but pointed to a “long record” of Russian cyber attacks against Ukraine.

- Advertisement -

Stay on top - Get the daily news in your inbox

Recent Articles

Related Stories