Yesterday, the Russian Federal Security Service (FSB) announced to have dismantled the REvil ransomware operation and arrested 14 alleged members of the gang. The group that is behind a long string of attacks against large organizations across the world, including Kaseya and JBS USA.
A senior Biden administration official on Friday declared that one of the Russian hackers arrested by the FSB is responsible for the ransomware attack that hit the Colonial Pipeline last in 2021.
“We understand that one of the individuals who was arrested today was responsible for the attack against Colonial Pipeline last spring,” a senior administration official told reporters during a press conference. “I also want to be very clear: In our mind, this is not related to what’s happening with Russia and Ukraine. I don’t speak for the Kremlin’s motives, but we’re pleased with these initial actions.” the official added.
Russian authorities also reported to have seized 20 luxury cars along with cryptocurrency and fiat money:
REvil members are also accused to have stolen money from the bank accounts of foreign citizens.
The attack against Colonial Pipeline was carried out by a ransomware gang known as DarkSide, but according to the senior official, one of the members of the now-defunct group was also involved in REvil operations.
The official did not name the man, he also remarked that the arrests were the result of an effort requested by the US Government to the Russian one during last year’s meeting between President Joe Biden and Russian peer Vladimir Putin.The Biden official, who briefed reporters on condition of anonymity, said the administration believes the activity by Russia’s internal intelligence agency is “not related to what’s happening with Russia and Ukraine,” adding that the White House has been clear it will impose “severe costs” on the Kremlin in coordination with Western allies.
“We’re committed to seeing those conducting ransomware attacks against Americans brought to justice, including those that conducted these attacks on JBS, Colonial Pipeline, and Kaseya.” added the official. “We’ve also been very clear: If Russia further invades Ukraine, we will impose severe costs on Russia in coordination with our allies and partners. As the President has said, cyber criminals are resilient and we will continue to take action to disrupt and deter them while engaging in diplomacy, as we have with Russia, allies, and partners around the world.”“
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, REvil ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
This website uses cookies.