Russia has granted the United States unusual assistance: at the request of the US authorities, the FSB secret service took action against a notorious hacker group.
At the request of the United States, Russia has disbanded the notorious hacker group REvil. The illegal activities of the group’s members were “dismantled after a request from the responsible US authorities,” the Russian domestic intelligence service FSB said on Friday. Among other things, REvil was behind a spectacular and consequential ransomware attack on the US software company Kaseya last year.
The FSB said it carried out searches at 25 locations in five Russian regions, targeting 14 suspects. Assets worth the equivalent of 4.8 million euros and 20 luxury cars were confiscated during the raids, according to the agency. It released videos of arrests but did not comment on the number of those arrested.
A representative of the US government said she was “pleased with these initial measures”. The suspects also include someone responsible for the consequential hacker attack on the Colonial Pipeline in the eastern United States.
The government official, who asked not to be named, made it clear that Russia’s actions against REvil have no bearing on how the US deals with the growing tensions between Russia and Ukraine. “We have always made it very clear that if Russia invades Ukraine again, we will make it pay a heavy price in cooperation with our allies and partners,” the US administration said.
The attack on Kaseya in early July 2021 is estimated to have affected approximately 1,500 companies in at least 17 countries worldwide. The Miami-based company supplies IT services to around 40,000 business customers all over the world. As a result of the attack, the Swedish supermarket chain Coop had to temporarily close the majority of its branches because its checkout systems had failed.
At the end of last year, the mastermind behind the attack, the Ukrainian Yaroslav Vasinskyi, was arrested. The US Department of Justice charged him with fraud and money laundering.
Ransomware is malicious software that is planted on computers and other systems and locks them. The attackers then extort the operators, demanding payment before the systems can be used again. The term is derived from the word “ransom”. According to the US Treasury Department, ransoms of $590 million (€515 million) were paid after such cyberattacks in the first half of 2021 in the US alone.
Cybersecurity was one of the main topics at a summit between US President Joe Biden and Kremlin chief Vladimir Putin last June. The two heads of state promised each other increased cooperation to combat cybercrime. In July, Biden urged Putin to take action against ransomware groups in Russia, warning that the US would otherwise take “all necessary measures” to protect its citizens.