REvil taken down by special FSB operation

On January 15, 2022, the FSB reported a successful operation to apprehend the infamous ransomware gang behind REvil. We consider it a big win for the cybersecurity world.

REvil was a Russia-based private ransomware-as-a-service (RaaS) operation. After an attack, REvil would threaten to publish the victim's information on its darknet page, Happy Blog, unless the ransom was received. In a high-profile case, REvil attacked a supplier of the tech giant Apple and stole confidential schematics of its upcoming products. There is no exact count of REvil's victims; however, we can imagine it runs to thousands of companies all over the world.

The FSB published a video of one of the special operations to neutralize the REvil hacker group.

Credit: Bloomberg Quicktake: Now

The special service stated that it had established the full composition of REvil and the involvement of its members in the illegal circulation of means of payment. The detained members of the group were charged under Article 187 of the Russian Criminal Code.

Over 426 million rubles, including in cryptocurrency, were seized at 25 addresses, along with 600 thousand dollars, 500 thousand euros, computer equipment, crypto wallets and 20 premium cars bought with criminal money.