The Russian Federal Security Service (FSB) said on Friday that it has raided and shut down the activities of the infamous Ravil ransomware gang, which was responsible for several high-profile attacks.
As part of the unprecedented operation — which will undoubtedly serve as a warning to other ransomware groups operating outside of Russia — the Russian authorities raided 25 addresses in Moscow, St. Petersburg, and Lipetsk that were allegedly owned by 14 suspected members of the Ravil ransomware group.
Several of the most severe assaults of the last year, including those against Colonial Pipeline, JBS Foods, and the United States technology company Kaseya, are thought to have been planned by the gang, which shut down operations in July before making an unsuccessful return in September.
Over 426 million rubles and €500,000 (roughly $6 million) were taken, as well as $600,000 in cash, cryptocurrency wallets, laptops, and 20 high-end automobiles, according to the Federal Security Service (FSB).
The Federal Security Service (FSB) stated that it carried out the search operation at the request of U.S. officials, who were subsequently told of the findings.
The members of the ransomware group that were apprehended were prosecuted under Russian law with “illegal circulation of means of payment.” Russian police have not revealed the identities of any of the suspects at this time.
“As a result of combined measures by the Federal Security Service (FSB) and the Ministry of Internal Affairs of Russia, the organized criminal community has been eliminated, and the information infrastructure utilized for criminal objectives has been neutralized,” the FSB stated in a press release.
A 22-year-old Ukrainian citizen connected to the Ravil ransomware gang has been accused of directing a ransomware assault against U.S. IT business Kaseya, according to news of the FSB’s surprise operation released barely two months after the United States Department of Justice indicted him. Seven other members of the Ravil gang were apprehended during the year 2021 due to operations coordinated by Europol. After President Biden pushed Russia to follow suit, Russian President Vladimir Putin responded by ordering the government of the Russian Republic of Kazakhstan to take steps to dismantle these criminal groups.
ACCORDING TO THE AGENCY, the FSB’s move comes only hours after a massive cyberattack in Ukraine knocked off government websites, including those for the foreign ministry, the national security and defense counsel, and the government’s cabinet of ministers. Despite officials’ insistence that it was too soon to make any conclusions, they alluded to Russia’s “long history” of cyber attacks on Ukraine.