Starting from: 01/14/2022 06:01 PM
The REvil group hackers are believed to be behind thousands of ransomware attacks. Now Russian investigators have dismantled their infrastructure according to their own information. Previously there was a request from the US authorities.
According to Russian information, the infrastructure of the REvil hacker group has been resolved. The FSB internal intelligence announced that the illegal activities of the members had been crushed. During searches at 14 residences, funds and equipment were confiscated.
According to the information, 426 million rubles were secured, equivalent to about 4.8 million euros – part of which was in cryptocurrency. Investigators also found $600,000, €500,000 in cash, computer equipment and twenty high-quality cars.
Extortion of encrypted data
According to security experts, REvil specializes in so-called ransomware attacks, in which the data of those affected is encrypted and decrypted again only after a ransom is paid.
The group was said to have been behind an attack on a US IT service provider, Cassie. Kaseya has 40 thousand business customers around the world. One result of the attack was that most branches of the Swedish supermarket chain Coop had to temporarily close because payment systems were not working.
The alleged mastermind in the United States
In November, international investigators arrested several hackers who were said to be responsible for thousands of attacks on organizations and businesses. The alleged mastermind of the Cassia attack has also been arrested and charged with fraud and money laundering in the United States.
Experts believe that groups from Russia are primarily responsible for major cyber attacks.
The United States and Russia seek to improve cybersecurity
According to Russian investigators, the ongoing investigation came at the request of the US authorities.
Last year, Russian President Vladimir Putin and US President Joe Biden discussed cyber attacks at talks in Geneva and agreed to work together to improve cybersecurity.