The U.S. Justice Department has announced the arrest of an alleged member of the REvil, a Russian-based hacking group. The group has been responsible for many attacks, with its latest attack affecting more than a thousand businesses. The alleged member is Ukrainian national Yaroslav Vasinskyi, who now faces extradition to the U.S.
The department has also seized $6.1 million in assets from the FTX crypto trading exchange linked to the group. It is pretty standard for hacker groups to use cryptocurrencies on the dark web. The cryptocurrency belonged to the Russian national Yevgeniy Polyanin, also indicted for allegedly working with REvil. Even though Polyanin has been indicted for attacking corporate and government targets, he hasn’t been caught yet.
Joe Biden had previously pressed Vladimir Putin to stop providing a haven to REvil and other ransomware groups. The group’s attack involved breaking into networks to gain control over them and then stealing precious data. The companies were then told to pay a ransom, or the data would be sold or posted online. Apple also fell victim to this when REvil posted documents related to the new Macbooks on their blog.
Previously, they have also attacked the global meat-processor JBS on Memorial Day. They knew that security would be lax around the national holiday, and many offices won’t open till Monday. By then, the ransomware would have infected most of the systems.
The Biden administration has been cracking hard on these hacker groups. The FBI, Secret Service, and Cyber Command have also worked together to take down REvil’s website using their tactics against them. President Joe Biden said in a statement that the government is using its “full strength” to “disrupt malicious cyber activity and actors” and that the arrests and financial seizures were part of its efforts to “hold accountable those that threaten our security.”