4 REvil ransomware members arrested in January 2022 had been launched by Russia on time served after they pleaded responsible to carding and malware distribution fees.
As they confirmed, Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotayev had been concerned within the Revil gang’s carding actions between October 2015 and January 2022, in keeping with the Russian state-owned information company TASS.
All 4 had been discovered responsible by the courtroom and sentenced to 5 years in jail, however had been launched from custody as a result of the courtroom thought-about they’d served their sentence in a Russian detention heart (SIZO) in the course of the investigation and trial.
The defendants had been a part of a bunch of eight members of the REvil ransomware operation apprehended by Russian authorities greater than three years in the past.
Artem Zayets, Alexey Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov, the opposite REvil members arrested in January 2022, had been sentenced to over 4 years in jail as a part of a unique continuing after they refused to plead responsible to the fees.
In line with Russian information outlet Kommersant, Zayets was sentenced right now to 4.5 years, Malozemov to five years, Khansvyarov to five.5 years, and Puzyrevsky to six years.
The courtroom discovered all 4 of them responsible of unlawful circulation of technique of fee, whereas Puzyrevsky and Khansvyarov had been additionally discovered responsible of distributing malware.
REvil’s downfall
REvil ransomware, often known as Sodin and Sodinokibi, surfaced in April 2019 as a successor to GandCrab, and it turned probably the most prolific ransomware group, demanding excessive ransom funds and incomes over $100 million inside a yr.
Nonetheless, in July 2021, issues modified when REvil attacked over 1,500 companies globally in a Kaseya provide chain assault, prompting President Biden to name on President Putin to handle cybercriminals in Russia, warning that the U.S. will take motion if the Russian authorities refuses to take action.
Subsequently, the U.S. arrested a REvil ransomware affiliate (Ukrainian nationwide Yaroslav Vasinskyi) answerable for the Kaseya assault in November 2021 and seized over $6 million from one other Revil associate (Russian nationwide Yevgeniy Polyanin), suspected of deploying the malware in at the very least 3,000 ransomware assaults. Vasinskyi was sentenced to 13 years in jail in Could 2024 and was ordered to pay $16 million in restitution for his involvement in REvil ransomware assaults.
The identical month, Romanian authorities arrested two different REvil ransomware associates linked to hundreds of different REvil assaults.
After the Kaseya assault, and certain prompted by the regulation enforcement stress, the REvil gang took a break however resumed operations two months later. Nonetheless, they unknowingly additionally restored machines managed by regulation enforcement after the authorities breached their servers proper earlier than REvil determined to pause their operations.
This led to a different wave of arrests, with the Russian Federal Safety Service (FSB) apprehending 14 suspects linked to the REvil ransomware-as-a-service (RaaS) operation in January 2022 and saying it recognized all members of the REvil gang and documented their unlawful actions.
“On account of the joint actions of the FSB and the Ministry of Inner Affairs of Russia, the organized prison group ceased to exist, the knowledge infrastructure used for prison functions was neutralized,” the FSB mentioned.
Nonetheless, after it invaded Ukraine, Russia mentioned in April 2022 that the U.S. had unilaterally shut down communication channels with Russia on cybersecurity and withdrawn the negotiation course of relating to the REvil gang.
Patching used to imply complicated scripts, lengthy hours, and countless fireplace drills. Not anymore.
On this new information, Tines breaks down how trendy IT orgs are leveling up with automation. Patch sooner, cut back overhead, and give attention to strategic work — no complicated scripts required.
