Cybercriminal group REvil has been dismantled at the request of the United States, Russia announces

This is one of the most important criminal networks in the world carrying out ransomware attacks. In their statement, the Russian intelligence services claim to have searched addresses linked to 14 suspects.


The Russian intelligence services (FSB) conducted an operation against the cybercriminal group REvil, resulting in several charges and the identification of all members of this network, they announced in a statement on Friday, January 14. This action was carried out “at the request of the competent US authorities”, which have been “informed of the results,” the agency added.

The REvil group (also referred to as Sodinokibi), which appeared in 2019, is one of the most important criminal networks in the world carrying out ransomware attacks. Using these malicious tools on the computer network of a company or administration, the attackers encrypt the contents of the computers, paralyze the network and demand a ransom in cryptocurrency in exchange for the decryption key.

In its statement, the FSB says it carried out searches at 25 addresses linked to 14 suspects: 426 million rubles (4.9 million euros), $600,000 and 500,000 euros were seized, as well as cryptocurrency wallets and twenty luxury cars. The agency indicates that several people have been arrested, without specifying their exact number, but adds that it has thus dismantled the entire cybercriminal group.

Several large-scale attacks

This criminal organization has claimed several major victims, including an Apple subcontractor, Quanta, and the American subsidiary of the Brazilian meat group JBS. REvil, suspected of being an offshoot of GandCrab, another ransomware operator, is notably the subject of investigations by the FBI in the United States and by the brigade for the fight against cybercrime (BL2C, within the Paris police prefecture) in France. Proceedings against this type of criminal organization can be sprawling: REvil's operators rent their malware to “affiliates”, accomplices who can work with several different groups and who specialize in intruding into their victims' networks. In October, the media outlets Die Zeit and BR24 had also revealed that German federal investigators had identified Nikolay K. (the name has been changed), a Russian citizen suspected of being one of the masterminds of REvil.

Several police operations have targeted REvil “affiliates” in recent months. On November 8, the United States announced the arrest in Poland of Yaroslav Vasinsky, a Ukrainian suspected of conducting several attacks on behalf of this group in 2019 and 2021, including the large-scale attack on the US company Kaseya. Another Ukrainian, Evgeniy Igorevich Polyanin, was also charged at the same time, but without being arrested. In particular, he was suspected of conducting an attack in 2019 against nearly 40 Texas municipalities. Also on November 8, Europol announced the arrest of two suspects in Romania and another in Kuwait, after four others in South Korea and Europe in the previous months.
