The Federal Security Service has confirmed the arrest of all members of the REvil group, and claims to have completely shut down its operations at the request of the United States.
The dissolution of REvil comes after a Ukrainian citizen was arrested in Poland last November for using ransomware (also known as REvil) to attack company computers and demand large ransoms to recover the stored information (about 6 million dollars were seized).
Russia has completed the operation after receiving the request of US authorities, with 25 police raids that have resulted in the arrest of 14 personyes; Among them would be the leader of the group, who would not only have directed the ransomware attacks, but would also have stolen money from bank accounts of foreign citizens in Russia.
As part of the operation, Russian agents seized more than six million euros, divided into various currencies, in addition to various “luxury cars”, computer equipment and cryptocurrency wallets, obtained with the money from ransoms and thefts.
REvil became the most wanted hacker group on the planet, after organizing the largest ransomware operation in history, which affected more than 1,500 companies and businesses around the world who saw their servers ‘hijacked’. The group asked for $70 million to end the attack. But that was only the latest of many such attacks.
Unlike other groups, REvil had a penchant for flashy attacks, and they weren’t shy about announcing their achievements on their official “Dark Web” website. Among his victims was Apple, which saw blueprints for its new products (such as the new iMac and new MacBook Pro) posted on the Internet, coming from the servers of one of its suppliers. They also asked for $42 million from the then US president, Donald Trump Jr., not to make public data allegedly obtained from his lawyers’ computers.
Not surprisingly, REvil became the most wanted hacker group on the planet, with the US government offering rewards of up to $10 million for information from its members. Finally, President Joe Biden’s request to Vladimir Putin last summer seems to have been the necessary catalyst for the Russian services to start the operation; however, the SFS clarifies that REvil members with Russian citizenship will not be extradited to the United States.