After thousands of cyber attacks: members of the Revil hacker group arrested
Internationally cooperating investigators have struck a blow against criminals who are believed to be responsible for thousands of attacks on organizations and companies. That US Department of Justice announced, A Ukrainian was caught in Poland who was suspected of being behind the major cyber attack on the American IT service provider Kaseya, among other things. Hundreds of companies, including numerous managed service providers, were attacked with blackmail software through a vulnerability at Kaseya in early July. The police department Europol announced at the same time, Two people were arrested in Romania who allegedly carried out attacks with the same software. The arrests were part of an international operation.
According to Europol, 17 countries were involved in the investigation, including the USA, Germany, France, the Netherlands, Poland, Romania and Canada. In Germany was after Information from the European judicial authority Eurojust the Stuttgart Public Prosecutor in charge. Over several months, a total of seven suspects were arrested in several countries, said Europol. They are suspected of having attacked around 7,000 targets in so-called ransomware attacks and stealing millions. According to Eurojust, the attacks on those arrested were directed against companies, as well as local authorities, hospitals, judicial authorities, schools and universities. Five of those arrested had carried out attacks with the Revil software.
The hacker group of the same name had caused a sensation in the past few months with several large attacks. When attacking Kaseya, the group asked for a master key to all affected computers on its Darknet website. Since many of the affected Kaseya customers are IT service providers, some of their customers were also affected. A few weeks earlier, the Revil software had paralyzed several plants of the world’s largest meat company JBS. At the time, the group collected eleven million dollars in ransom in cryptocurrencies from the company.
US Attorney General Merrick Garland said in Washington that Revil software has been used in attacks on around 175,000 computers worldwide. At least $ 200 million ransom has already been paid for attacks with the software. The 22-year-old Ukrainian arrested in connection with the software was arrested at the request of the USA while entering Poland. His extradition to the United States has been requested.
The US Department of Justice also confiscated $ 6.1 million that another Revil hacker allegedly stole with ransomware attacks, Garland said. The 28-year-old Russian is said to have attacked around 3,000 targets with blackmail software.
The US State Department on Monday offered a reward in the millions for clues that lead to the identification or establishment of leadership figures in the Revil group – or anyone involved in attacks with the software. A few days ago, the US government announced a similar reward for members of the DarkSide hacker group, which is responsible for the cyber attack on America’s largest gasoline pipeline in the spring.
As a result of the attack, the pipeline, through which about 45 percent of all fuel consumed on the US east coast runs, was temporarily completely shut down. Gasoline bottlenecks occurred in parts of the country. The hackers had broken into the pipeline operator’s computer network and demanded a ransom in the millions, which the company paid. (dpa / pma)