

  • Matthew Spencer - Tech Journalist

Russian Authorities Arrest REvil Ransomware Hacker Group

Russian officials arrested members of the REvil ransomware hacker group and seized more than 426 million Rubles ($5.5 million), $600,000 in hard cash, 500,000 Euros in cash, and a few luxury cars. REvil is one of the most prolific and notorious ransomware groups in the world.

In the past few years, ransomware attacks have taken millions from individual victims and organisations, and ransomware remains one of the persistent reasons companies stay fearful.

Officials at Russia's Federal Security Service acted on a request from the US government to look for the attackers. Colonial Pipeline was one of the biggest reasons the US took additional measures to capture ransomware gangs.

Fourteen members of the REvil ransomware group have been arrested, and further data will be collected from them. As mentioned earlier, millions in cash were found in their possession, which is now in the hands of the Russian authorities.

A senior US official said they are looking to find more ransomware groups in the future. Continuous action to dismantle ransomware attackers does bring a sense of peace to people's minds.

In 2021, the US government announced $10 million for information regarding ransomware attacks. The US and the UK joined forces in fighting cybercrime, as they are the targets most of the time.

Rather than relying on individual protection, the joint venture will ease matters as the ministry of defence, the military, cybersecurity experts and government officials take the issue into their hands.

Though some cybersecurity experts are sceptical of the move, it could be Russia's turning point in offering a new proposition towards the venture. In Russia, attackers remain hidden most of the time due to government regulation protecting them, as they are not hampering the nation's security.

But a push from foreign governments has made even the Russian superpower waver a bit in its actions.

The handing over of the REvil attackers could be a turning point for Russian defence and bring the friendship closer than it usually is. Cybercriminal forums said the move from Russian officials could be due to the extended pressure from the US, and that the current military activity on the Russian border with Ukraine will be put at ease.

Many news publishers said that, with the capture of 14 REvil members, the group is now 'neutralized.' Ongoing operations to find and capture attackers will continue as before.

The Russian domestic intelligence service (FSB) said raids took place at 25 addresses in the Moscow, St. Petersburg, Leningrad, and Lipetsk regions, the places the 14 alleged REvil members belong to.

American authorities learned of the matter promptly, as the FSB said the two sides were working closely together. According to Russian sources, more than 426 million Rubles (approximately $5.5 million), 500,000 Euros and $600,000 in US currency were seized.

Twenty luxury cars purchased with ransomware money were also seized. They are not personal property, as the ransomware money belonged to the cybercrime division, and may be returned if owners are found.

The FSB announced: "to implement the criminal intent, these persons developed malicious software, organised the theft of funds from the bank of foreign citizens, and their cashing out, including by purchasing expensive goods on the Internet." (Google Translate from the Russian language).

Part 2 of Art. 187, 'Illegal circulation of means of payment', of the Russian criminal code will be applied to the captured members of the REvil ransomware group.

According to statistics, REvil and its affiliates were behind four of 2021's top ten most significant ransomware attacks. It is by far more traumatising than its competitors.

At Tech News Hub, we have covered the activity and chaos of REvil and other ransomware groups. It should bring some peace of mind that the authorities are capturing the attackers, though how much they will find remains a question, as the attackers are pretty good at hiding their traces.

