The names of the members of the REvil hacker group who were detained by the FSB “at the request of the United States” have become known. According to the Tverskoy court, Roman Muromsky and Andrey Bessonov were detained, RBC reports. It is also known that Muromsky is suspected under Part 2 of Art. 187 of the Criminal Code (illegal circulation of means of payment). He faces up to 7 years in prison.
It was previously reported that the operation was carried out following an appeal from the US authorities, who reported on the leader of the community and his involvement in attacks on Western Internet companies. According to the FSB, the full composition of REvil and the involvement of its members in the illegal circulation of means of payment have been established, and the detained members of the group have been charged under article 187 of the Russian Criminal Code.
It is also noted that at 25 addresses, over 426 million rubles (including in cryptocurrency), 600 thousand dollars, 500 thousand euros, computer equipment, crypto wallets and 20 premium cars bought with criminal money were seized.
According to media reports, REvil members with Russian citizenship will not be extradited to the United States.
CNN previously reported that the US authorities are planning to bring charges against Ukrainian citizen Yaroslav Vasinsky and Russian citizen Yevgeny Polyanin. According to American investigators, they were part of the REvil group and were involved in cybercrimes. As part of the investigation, law enforcement agencies seized $6 million sent to Polyanin as a ransom.
Vasinsky and Polyanin are accused of extortion, fraud and money laundering. Vasinsky, 22, was arrested in October 2021 in Poland. He faces extradition to the US. Polyanin, 28, remains at large. According to the FBI, he is in Barnaul. Both of them were included in the list of persons against whom sanctions were imposed.
Vasinsky, according to investigators, distributed the REvil virus. Using this program, hackers encrypted data on an infected computer, and then extorted money for help in decrypting it. The damage caused by REvil to American companies exceeds $200 million.
On July 4, US Independence Day, hackers staged a cyberattack on Florida-based software company Kaseya. As a result, they were able to infect with the virus the computers of more than 1,500 companies around the world that were Kaseya’s customers.
It was also reported that earlier this year, the group demanded $50 million from Apple after hacking into the computer systems of one of the technology giant’s suppliers.
In addition, the FBI suspected members of REvil of involvement in the May attack on JBS, which occupies a fifth of the American beef market. Due to the cyberattack, JBS was forced to temporarily stop production at factories in Australia, Canada and the United States. The company paid hackers $11 million to unlock its computer systems.
After the July cyberattack, REvil’s websites stopped functioning. The media noted that this happened shortly after a telephone conversation between US President Joe Biden and Russian President Vladimir Putin, which was reported on July 9. According to The New York Times, Biden demanded that Putin take action against ransomware used to cyber-attack U.S. infrastructure.
In September, the REvil sites were up and running again. However, in October, according to the Washington Post, members of the US Cyber Command managed to hack REvil’s computer infrastructure and disable it.
According to Chainalysis, victims of ransomware cyberattacks paid a ransom worth about $350 million in 2020. But the real profits of hackers using these viruses can be even higher.
In early November, the US State Department offered a $10 million reward for important information about Russian hackers using the DarkSide program. In May, because of the harm it had caused, the major American fuel supplier Colonial Pipeline stopped operating for several days.