Moscow: A Russian court has charged eight people who are part of the REvil ransomware group that attacked top American companies, as White House officials confirmed that the person behind the ransomware attack on Colonial Pipeline last year was also arrested during the raid.
All eight individuals are suspected of committing a crime stipulated under Part 2 of Article 187 of Russia’s Criminal Code (‘Illegal Circulation of Payments’).
This crime is punishable with up to seven years in prison and a penalty of up to 1 million rubles (about $13,150), Russian news agency TASS reported late on Saturday.
The eight were arrested as part of a larger raid by Russia’s Federal Security Service (FSB) and the Ministry of Internal Affairs of Russia on 25 different locations across Moscow, St Petersburg and Lipetsk on Friday.
REvil hackers were linked to the massive ransomware attack against Colonial Pipeline in the US in May 2021.
REvil was also behind a cyberattack against meat supplier JBS, also in May, which shut down the company’s meat processing plants across the US.
According to the US Department of Justice, REvil is also responsible for deploying its ransomware on more than 175,000 computers. The group has allegedly earned $200 million from ransoms.
Russia had arrested at least 14 members of the well-known hacker group called REvil at the request of the US government after it was established that the infamous group was involved in several high-profile attacks on large American companies.
Operational for years, REvil is involved in attacking high-tech companies by introducing malicious software, encrypting information and extorting money for its decryption.
The FSB also seized 426 million rubles ($5.6 million) in a raid against 14 members of the group, along with more than $600,000 worth of cryptocurrency and 20 luxury cars.
The agency, however, said that REvil hackers with Russian citizenship will not be extradited to the US.