Ransomware: Russian prosecutors allegedly break up REvil group

Share your love

According to the Russian domestic secret service FSB, it has broken up the cybercrime group REvil. The FSB announced on Friday that this had complied with a request from the responsible authorities in the USA. REvil was recently one of the most aggressive propagators of blackmail Trojans, the members of the group were identified through their payment transactions. The FSB writes that the illegal activities have been documented. Law enforcement agencies have now searched premises at 25 addresses and arrested 14 people. Funds worth the equivalent of around 5 million euros were confiscated, including cash in various currencies and crypto money, as well as “20 premium class cars”.

Since their involvement in last summer’s devastating Kaseya attack, REvil has been in the spotlight. The group distributed its blackmail Trojan using a business model that can be described as ransomware-as-a-service: it leased or licensed the malware it had developed and the associated decryption and payment infrastructure to other criminals, so-called affiliates or partners. In the case of REvil, those responsible received 30 percent of the partners’ proceeds. After the Kasyea attack, the group apparently engaged in a cat-and-mouse game with law enforcement officers around the world. In the meantime, the group was allegedly hacked itself and subsequently disappeared from the network. German authorities had identified a suspect responsible for REvil and prepared an arrest warrant.

Now what exactly? to the arrests and led to the alleged breakup of REvil is not yet known. So far, Russia has not been known to comply with such requests, for example from the USA. As recently as September, a US cybersecurity firm explained that the Kremlin’s secret services and law enforcement agencies have at least enough influence over criminal hacker groups like REvil to get them to temporarily stand still. Relations between cybercriminals and state officials are based on spoken and unspoken agreements. Possibly the pressure from the USA regarding REvil had recently become too strong. It is not yet known what will happen to the arrested person. The United States was informed of the action writes the FSB yet.

Read Also   Online workshop: Getting started with continuous integration with Jenkins


(mho)

Article Source

Share your love