Russia's FSB says it removed REvil hacker group at US request
Russia's FSB says it removed REvil hacker group at US request
The FSB said on Friday that Russia's domestic security service (FSB) had arrested several members of the Ravil hacking group at the request of the US government. The move, which marks an unusual degree of cooperation between Russian and US agencies, comes amid increasingly aggressive Russian military activity and tense diplomacy along Ukraine's border as the United States attempts to prevent an armed conflict.
The Russian Interfax news agency reports that the FSB seized 426 million rubles ($5.6 million) as well as more than $600,000 worth of cryptocurrency and 20 luxury cars in raids against 14 members of the group. The FSB told Interfax that it was acting at the request of US officials and that they had informed them of the results of the operation. The FSB stated that the operation effectively destroyed Reville as a unit.
The Biden administration has long called on Russia to do more to crack down on ransomware gangs operating within the country, though with limited success so far. Analysts have linked Russian groups to widespread ransomware operations in Europe and the US, often without the intervention of local law enforcement. With no extradition treaty in place, the Russian government has been accused of harboring cybercriminals, provided they do not attack domestic targets.
US agencies have intensified their search for Reville after the FBI was linked to a hack that shut down the Colonial Pipeline in May 2021. Reville was also behind a cyber attack against meat supplier JBS in May 2021, which shut down the company's meat processing plants. across America.
An alleged member of REWIL was arrested by Polish authorities in November 2021 after being indicted by the US. According to a Reuters report, a source close to the case said that following the latest arrest, the FSB will not hand over members of the Revil group with Russian citizenship to the United States.
The US Justice Department had not responded to a request for comment by the time of publication.
The news of the operation against Ravil comes on the same day as a major cyber attack on the government of Ukraine. Several government websites were disabled on Friday morning, with spokesman for both the Ukrainian government and the European Union pointing fingers at Russia.
As the US continues to negotiate with Russia over its military activities along the Ukraine border, the FSB's action could be a negotiating proposition, said Nina Jankowicz, a global fellow at the Wilson Center and an expert on Russian affairs.
"Revil's removal by the FSB could allow Russia to try to throw a bone at the US after talks this week over escalating tensions along the Ukrainian border," Jankowicz said. "But when the rubber hits the road it doesn't make sense - Russia still has more than 100,000 troops on the border and this morning, the government of Ukraine experienced a massive cyberattack."
Although the Ukraine cyber attack has not yet been attributed to Russia, Jankowicz said, the methodology was similar to the pre-conflict attacks in Georgia in 2008 and the destruction of the Crimean peninsula in 2014.
No comments