TL;DR Breakdown
- US push Russian authorities to burst REvil hackers.
- FSB confiscate $5.5m in cash, crypto after the raid.
REvil hackers are the latest criminals to feel the wrath of Russian authorities who conducted a major raid operation on the notorious ransomware gangs.
On Friday, Russia’s Federal Security Service, or FSB, announced that they conducted a series of raids on 25 addresses associated with 14 REvil hackers in Moscow, St. Petersburg, and Lipetsk.
However, authorities did not specify the number of suspects arrested during the raid. News outlet RIA Novosti released a video depicting several arrests.
During the raid operation, the FSB said it confiscated 426 million rubles ($5.5 million) in cash and cryptocurrency, as well as $600,000 in USD and 500,000 euros. They also seized an unspecified number of crypto wallets and 20 luxury cars.
US behind raid on REvil hackers in Russia
The FSB, in its announcement, stated that the raid was in response to requests from US authorities, which had identified REvil’s leadership. Russia’s ecosystem of cybergangs, especially those focused on ransomware, has become a central issue in relations between the US and Russia over the past year.
For a long time, the American President, Joe Biden has been on the pursuit of the hackers and putting an end to their operation. They became a priority for his government after hackers hit various US establishments and infrastructure in 2021.
Hackers hit the US colonial pipeline in May 2021, impacting computerized equipment managing the pipeline. In response, Colonial Pipeline Company halted all of the pipeline’s operations to contain the attack. With the assistance of the FBI, Colonial Pipeline paid the requested ransom (75 bitcoin or $4.4 million) within several hours after the attack. The hackers then sent Colonial Pipeline a software application to restore their network.
They also hit top American meat supplier, JBS forcing them to pay $11 million ransom to have access back to their systems.
US authorities conducted more aggressive international operations to find leaders of ransomware gangs. A consistent allegation has been that Russian President Putin tacitly condones the operations of cybercriminals within Russia as long as they do not target Russian entities.
