“REvil gang” members have been arrested by European law enforcement agencies
Authorities from 17 countries, along with Europol, Eurojust, and Interpol, have tracked down cybercriminals affiliated with the REvil cybergang. The operation led to the dismantling of this malicious operator and the arrest of a dozen individuals, including two linked to GandCrab. They are believed to be the source of the most virulent strains of ransomware.
What you need to know about ransomware
Ransomware is malware that paralyzes a computer system; the hackers then demand a ransom to unlock it. The affiliated cybercriminals are tasked with getting the ransomware developed by the gang into the victims’ computer networks. The software's authors then take it upon themselves to extort money from the victims. Ransoms are payable in bitcoin, so payments cannot be canceled once made. The sums extorted are then shared among the members of the cybergang.
Gang hackers targeted by a series of arrests
According to Europol, three REvil affiliates and two suspects linked to its predecessor, GandCrab, have been arrested by law enforcement since February. They are the source of 7,000 infections and $200 million in ransoms demanded.
Following the dismantling of this malicious organization, Europol announced on November 8 that the Romanian authorities had arrested four other people. They are suspected of having launched cyberattacks based on REvil (aka Sodinokibi), responsible for 5,000 infections and 500,000 euros in ransom demands. Two of them were arrested on Thursday, November 4, in the coastal city of Constanta and placed in pre-trial detention by the police.
The United States also issued an international warrant against Yaroslav Vasinsky, a 22-year-old Ukrainian, who was stopped at the Polish border on the same day as the arrest in Romania. “Mr. Vasinsky was arrested on November 8 while going to Poland from Ukraine,” said Merrick Garland, the US Attorney General (the equivalent of a minister of justice), at a press conference. In July, the United States accused him of being one of the REvil affiliates behind the cyberattack on publisher Kaseya. This attack impacted more than 1,600 companies and raised the ransom tally to 70 million euros.
Save $475 million in ransoms with No More Ransom
Police and judicial authorities are currently carrying out actions to eradicate ransomware. At the same time, the No More Ransom initiative was set up to help ransomware victims recover data encrypted by cybercriminals. It involves security providers from international institutions. The No More Ransom initiative provides decryption tools for organizations affected by specific versions of the GandCrab and REvil/Sodinokibi ransomware. It has already helped more than 1,400 companies decrypt their data and avoid the payment of more than $400 million in ransoms demanded by cybercriminals.