At the end of April 2019, the McAfee team detected a new family of ransomware now known as REvil. REvil ransomware is a file-locking virus considered a serious threat: it encrypts files and sends a ransom demand message, hence the name ransomware. The ransom must be paid in bitcoins, and when it is not paid on time, the amount is doubled.
Who is the alleged REvil hacker?
The United States Department of Justice announced today the seizure of $6.1 million in funds attributable to alleged ransom payments received by Yevgeniy Polyanin, 28, a Russian national and suspected member of the hacking group REvil. He is accused of carrying out ransomware attacks against multiple victims, including IT company Kaseya, an Apple vendor and government companies in Texas. The Department also announced the arrest of Yaroslav Vasinskyi, 22, from Poland, where he remains detained by the authorities awaiting proceedings in connection with his requested extradition to the United States.
FBI Director Christopher Wray stated that the arrests and the seizure of $6.1 million in assets are the culmination of collaboration between the United States government and the private sector. The FBI will continue to work tirelessly to detain the other members behind the REvil group, as ransomware groups like these pose a serious and unacceptable threat to the security and economic well-being of the country.
“Ransomware can bring a business to a standstill in a matter of minutes. These two defendants deployed some of the most virulent code on the internet, written by REvil, to hijack the victims’ computers,” said Acting United States Attorney Chad E. Meacham for the Northern District of Texas.
The arrest was part of an ongoing major raid against key ransomware figures coordinated by the FBI, Europol, and national law enforcement organizations across Europe, with the help of private security companies.
The United States turns its attention to ransomware
In early June this year, the US Department of Justice created a new division to combat ransomware attacks, called the Ransomware and Digital Extortion Task Force.
The REvil group's attacks and the May attack on the Colonial Pipeline company, which left 7 states in the country without gasoline, are some of the first cases in which this new division has taken part.