Russian authorities have announced that they have dismantled the infamous REvil ransomware gang and arrested several of its members. As reported by the BBC, the Federal Security Service of the Russian Federation, or FSB for short, said in a statement that the cybercriminal group had “ceased to exist” following a recent law enforcement operation.
Although the US was ready to offer a reward of up to $10m for information on the REvil ransomware gang, it now appears that none of its members will be extradited following their arrests. According to the FSB, the agency used information provided by the US to take down the group and put an end to its operations once and for all.
The FSB seized 426m rubles (around $5.5m), including close to $600k in cryptocurrency, as well as 20 “premium cars” from the group.
REvil ransomware group
Although the group took down all of its websites and essentially shut down in September of last year, REvil is one of the most notorious ransomware gangs to have ever existed.
REvil was responsible for a major ransomware attack on the meat processor JBS that led to a complete production stoppage over the Memorial Day holiday last year. The group struck again over the Fourth of July holiday weekend in 2021, when it attacked the IT management firm Kaseya, an attack that affected hundreds of organizations, including multiple managed service providers and their customers.
Although it appeared that REvil had resumed its operations under the name BlackMatter last summer, the news that the group has been dismantled will likely be a relief to the many organizations that it targeted over the years.
We’ll have to wait and see if the Russian government and the FSB provide any further details on its operations, but for now it looks like REvil is finally out of commission.