Operational for years, REvil is involved in attacking high-tech companies by introducing malicious software, encrypting information and extorting money for its decryption.
According to Russia’s Interfax news service, the domestic security agency, the FSB, has arrested numerous members of the REvil hacking group at the request of the US government.
The FSB also seized 426 million rubles ($5.6 million) in a raid against 14 members of the group, along with more than $600,000 worth of cryptocurrency and 20 luxury cars.
The report, however, said that REvil hackers with Russian citizenship will not be extradited to the US.
“The FSB of Russia has established the full composition of the REvil criminal community and the involvement of its members in the illegal circulation of means of payment, and documentation of illegal activities has been carried out,” the intelligence service was quoted as saying in the report on Friday.
The agency also seized computer equipment and crypto wallets used to commit crimes.
“Representatives of the competent US authorities have been informed about the results of the operation,” the agency said.
The Joe Biden administration has been calling on Russia to crack down on ransomware gangs operating within the country.
REvil hackers were linked to the massive ransomware attack against Colonial Pipeline in the US in May 2021.
REvil was also behind a cyberattack against meat supplier JBS, also in May, which shut down the company’s meat processing plants across the US.
The second quarter of 2021 was a vibrant quarter for ransomware, earning its place as a high-profile cyber agenda item for the US administration following the Colonial Pipeline attack, according to a report by McAfee Enterprise.
Fuelled by cryptocurrencies, ransomware was involved in 79 per cent of the global cybersecurity incidents in the last 18 months of the pandemic, led by Conti and REvil ransomware attacks, a report from global cyber security firm Sophos showed recently.
State-sponsored hackers hit Ukraine this week with a ‘massive cyber-attack’, shutting down several government websites amid heightened tension with Russia.
“It’s too early to draw conclusions, but there is a long record of Russian assaults against Ukraine,” a spokesperson for the Ukraine Foreign Ministry was quoted as saying.