Romanian Authorities Arrest REvil Cyber Gang Hackers Who Infected 5,000
Two hackers behind the REvil ransomware attacks were arrested by Romanian authorities, according to Europol.
“REvil,” short for “Ransomware-Evil,” is one of the most prolific cyber gangs to date, allegedly responsible for 5,000 attacks, including high-profile ones on Acer, JBS, Quanta Computer, and more.
In the fight against ransomware, a multi-country takedown of the hacker group has been underway. Since February 2021, Europol confirmed three other affiliates had been arrested across Europe and South Korea.
“A total of seven suspects linked to the two ransomware families have been arrested since February 2021,” Europol said. “They are suspected of attacking about 7,000 victims in total.”
Besides direct attacks, REvil also sold sophisticated ransomware tools to other hackers.
In July, the group suddenly disappeared from the dark web, following a warning from the Biden administration to crack down on the group. The sudden disappearance came days after President Biden pressed Russian President Vladimir Putin to punish hackers in his country.
“I made it very clear to him [Putin] that the United States expects when a ransomware operation is coming from his soil, even though its not sponsored by the state, we expect him to act,” Biden told reporters in July.
Some of REvil’s ransomware attacks caused severe damage, especially to IT software supplier Kasey.
There was no word if the heads of REvil were arrested. Europol gave no information on who was apprehended. Overall, this is excellent news for the global anti-ransomware effort that has caused so much havoc over the last few years.