Russian authorities have arrested 14 people involved in the REvil hacker group. Remarkably enough, this happened at the request of the US, although the chance of extradition is small.
REvil is a criminal gang that has been attacking businesses with ransomware for the past two years. They were involved in, among other things, the ransomware attack that was distributed via Kaseya VSA. In October, the organization appeared to stop its activities after being hacked itself, and a collaboration between various security services seemed to take the gang’s sites offline for good.
The Russian security service FSB now announces itself that it has carried out searches at 25 locations. Reuters said that fourteen people were arrested and 426 million rubles (half a million euros), computers and twenty luxury cars were seized.
Russia undertook the invasion at the request of the US. This is particularly remarkable given the geopolitical tensions between the two countries. However, it is also generally accepted that hacker gangs from Russia, mainly outside Russia, usually remain undisturbed and cannot simply be identified or arrested.
The action also comes at a time when several government websites in Ukraine are down due to a large-scale cyber attack as tensions with Russia rise there. Although the two have basically nothing to do with each other.
The perpetrators face up to seven years in prison. However, the chances of extradition to the US seem small. A source told the Russian news agency Interfax that members of Russian nationality will not be extradited to the US.