
Crackdown on REvil Ransomware Operators Results in Multiple Arrests, Recovery of $6 Million Extorted from Victims

Filip TRUȚĂ

November 09, 2021


Actions taken against REvil affiliates ended with one arrest and the recovery of $6 million extorted from ransomware victims, the US Justice Department announced today. Romanian authorities have also detained two affiliates, bringing the number of REvil arrests to seven.

Yaroslav Vasinskyi, 22, a Ukrainian national, has been charged with conducting ransomware attacks against multiple victims, including the widely publicized July attack against several US companies.

Authorities also seized $6.1 million in funds traceable to alleged ransom payments received by Yevgeniy Polyanin, 28, a Russian national, who is also charged with conducting REvil ransomware attacks against multiple victims.

“Through the deployment of Sodinokibi/REvil ransomware, the defendants allegedly left electronic notes in the form of a text file on the victims’ computers,” according to the US Department of Justice. “The notes included a web address leading to an open-source privacy network known as Tor, as well as the link to a publicly accessible website address the victims could visit to recover their files. Upon visiting either website, victims were given a ransom demand and provided a virtual currency address to use to pay the ransom. If a victim paid the ransom amount, the defendants provided the decryption key, and the victims then were able to access their files. If a victim did not pay the ransom, the defendants typically posted the victims’ stolen data or claimed they sold the stolen data to third parties, and victims were unable to access their files.”

The $6.1 million seized from Polyanin is allegedly traceable to ransomware attacks and money laundering committed using Sodinokibi/REvil ransomware.

The two threat actors are charged in separate indictments with conspiracy to commit fraud and related activity in connection with computers, multiple counts of damage to protected computers, and conspiracy to commit money laundering. They face more than a century in prison if convicted of all counts.

Vasinskyi was taken into custody in Poland, where he is being held by authorities pending his requested extradition to the United States. In parallel with this arrest, interviews and searches carried out in multiple countries led to the detention of several other REvil affiliates.

Romanian authorities have also arrested two affiliates of the REvil ransomware operation responsible for 5,000 infections. Since February 2021, law enforcement officers have arrested three other affiliates of REvil, plus two GandCrab suspects, bringing the total of arrests to seven.
