adds details and commentary from Washington
MOSCOW (awp/afp) – Russia announced on Friday that it had dismantled the group of hackers REvil, considered the most formidable group of cybercriminals in the form of ransomware, at the request of the United States, which welcomed this cooperation in full crisis over Ukraine.
Russian and American Presidents Vladimir Putin and Joe Biden had indicated at a summit in June that they wanted to strengthen their cooperation in the fight against cybercrime, against a backdrop of crises and repeated accusations against Moscow in this area.
Following an operation by the Russian security services (FSB) and police “the existence of this organized criminal group has been put to an end,” the FSB said in a statement.
Searches carried out “at the request of the competent American authorities” targeted 14 people and 25 addresses in five Russian regions, in particular in the capital Moscow and in Saint Petersburg, the second city of the country, allowing the seizure of the equivalent of 426 million rubles (about 4.8 million euros) and 20 luxury cars, according to the press release.
The FSB does not specify how many people were arrested, but released videos of tough arrests. It indicates that the members of the group “developed harmful software, organized the embezzlement of funds from the bank accounts of foreign citizens and collected them”, according to the same source.
“We are satisfied with these initial measures,” commented an official from the American administration in Washington. “But I want to be clear: this has nothing to do with what is happening with Russia and Ukraine.”
“We have always been very clear: if Russia invades Ukraine further, we will impose severe costs on it in cooperation with our allies and partners,” added the official, who requested anonymity.
She confirmed that these arrests were the result of cooperation with the Russian authorities. Washington attributes the arrests to “exchanges that have taken place in terms of information sharing and calls for Russia to take action,” she said.
She also said one of the arrested hackers was responsible for last May’s ransomware attack on the Colonial pipeline network, the main source of gasoline for much of the eastern United States. The group had paid $4.4 million to regain control of its facilities.
The same month, the global meat giant JBS was targeted, notably paralyzing the group’s activities in Australia.
In early July 2021, this group of Russian-speaking hackers, also called Sodinokibi, claimed responsibility for the ransomware attack targeting the American computer company Kaseya.
Joe Biden then asked, during a telephone exchange, Vladimir Putin to act against the attacks carried out from Russia, under penalty of seeing the United States take “the necessary measures”.
In early November, European and American authorities announced the arrest of seven hackers in an international operation that targeted REvil and the ransomware group GandCrab.
Ransomware is an increasingly lucrative form of digital hostage-taking in which hackers encrypt victims’ data and then demand money to put things right.
According to the US Treasury, $590 million in ransoms were paid in the United States alone in the first half of 2021, compared to $416 in 2020.