Status: 14.01.2022 6:01 p.m.
Hackers from the REvil group are said to be behind thousands of ransomware attacks. According to their own statements, Russian investigators have now dissolved their infrastructure. Previously, there was a corresponding request from the US authorities.
According to Russian information, the infrastructure of the hacker group REvil has been dissolved. The members’ illegal activities have been smashed, said the domestic secret service FSB. During searches in 14 places of residence, money and equipment were confiscated.
According to the information, 426 million rubles, i.e. the equivalent of around 4.8 million euros, were secured – part of it in cryptocurrency. Investigators also found $600,000 and €500,000 in cash, computer equipment and twenty high-quality cars.
Blackmail with encrypted data
According to security experts, REvil has specialized in so-called ransomware attacks, in which the data of those affected is encrypted and only decrypted again after payment of a ransom.
The group is said to be behind an attack on the American IT service provider Kaseya. Kaseya has 40,000 business customers around the world. One consequence of the attack was that most of the branches of the Swedish supermarket chain Coop had to close temporarily because the checkout systems were not working.
Alleged mastermind charged in the US
In November, international investigators arrested several hackers who are said to be responsible for thousands of attacks on organizations and companies. The alleged mastermind behind the Kaseya attack has also been arrested and charged with fraud and money laundering in the US.
Experts suspect that groups from Russia are mainly responsible for major cyber attacks.
US and Russia strive for better cyber security
According to the Russian investigators, the current investigation was prompted by a request from the US authorities.
Last year, Russia’s head of state Vladimir Putin and US President Joe Biden discussed the cyber attacks at talks in Geneva and agreed to work together to improve cyber security.