MOSCOW, January 14. /TASS/. Russia’s Federal Security Service, acting after a notification from the US, detained a group of hackers known as REvil that has infected computers with ransomware, the agency told TASS on Friday.
The agency apprehended 14 members of the group in an operation that spanned several locations across central Russia, searched their homes, and seized millions of dollars’ worth of cash as well as luxury cars in addition to computers and crypto wallets that were used to commit crimes, it said.
The FSB, as the agency is known, said it conducted the operation jointly with the Interior Ministry in Moscow, St. Petersburg, and the Moscow, Leningrad, and Lipetsk regions. It started the investigation following information from "competent US agencies that notified about a criminal group leader and the group’s involvement in attacks on IT resources of foreign high-tech companies by implanting malware, encrypting data and extorting money for its decryption."
The FSB said it had identified all members of the REvil group, established their involvement in illegal trafficking of currencies, and documented their criminal activities. The group, according to the FSB, developed malicious software, stole and cashed out money from the bank accounts of foreign nationals, including through purchasing expensive goods online.
The FSB said it searched 25 places of residence of the 14 members of the group and seized more than 426 million rubles ($5.6 million) including in cryptocurrency; 600,000 US dollars 500,000 euros; computer equipment, the crypto wallets that were used to perpetrate crimes, and 20 luxury cars that were purchased with illicitly obtained money.
As a result of the operation, the criminal group has ceased to exist and its IT infrastructure has been "neutralized," the agency said. Russia has informed the US law enforcement agencies about the outcome of the operation, the FSB said.