This website collects cookies to deliver better user experience. Cookie Policy
Accept
Sign In
The Wall Street Publication
  • Home
  • Trending
  • U.S
  • World
  • Politics
  • Business
    • Business
    • Economy
    • Real Estate
    • Markets
    • Personal Finance
  • Tech
  • Lifestyle
    • Lifestyle
    • Style
    • Arts
  • Health
  • Sports
  • Entertainment
Reading: Russia Arrests Hackers Tied to Major U.S. Ransomware Attacks, Including Colonial Pipeline Disruption
Share
The Wall Street PublicationThe Wall Street Publication
Font ResizerAa
Search
  • Home
  • Trending
  • U.S
  • World
  • Politics
  • Business
    • Business
    • Economy
    • Real Estate
    • Markets
    • Personal Finance
  • Tech
  • Lifestyle
    • Lifestyle
    • Style
    • Arts
  • Health
  • Sports
  • Entertainment
Have an existing account? Sign In
Follow US
© 2024 The Wall Street Publication. All Rights Reserved.
The Wall Street Publication > Blog > Tech > Russia Arrests Hackers Tied to Major U.S. Ransomware Attacks, Including Colonial Pipeline Disruption
Tech

Russia Arrests Hackers Tied to Major U.S. Ransomware Attacks, Including Colonial Pipeline Disruption

Editorial Board Published January 14, 2022
Share
Russia Arrests Hackers Tied to Major U.S. Ransomware Attacks, Including Colonial Pipeline Disruption
SHARE

WASHINGTON—The Russian government on Friday said it had arrested members of the prolific criminal ransomware group known as REvil that has been blamed for major attacks against U.S. business and critical infrastructure, disrupting its operations at the request of U.S. authorities.

Russia’s security service, the FSB, said in an online press release that it had halted REvil’s “illegal activities” and seized funds belonging to the group from more than two dozen residences in Moscow, St. Petersburg and elsewhere. REvil members were arrested in relation to money-laundering charges, the FSB said. It didn’t provide names of any of the suspects.

The arrests included “the individual responsible for the attack on Colonial Pipeline last spring,” a particularly devastating ransomware offensive that led to the main conduit of fuel on the U.S. East Coast being shut down for days, a senior Biden administration official said. A different Russian ransomware gang had previously been linked to the Colonial hack, but security experts and officials have said they are not neatly defined and that individual hackers often overlap.

“We welcome reports the Kremlin is taking law enforcement steps to address ransomware within its borders,” the official said.

TASS, the Russian state news agency, said 14 members of REvil had been arrested. A Russian government video published online by TASS Friday showed clips of Russian law enforcement forcibly entering apartments, detaining suspects whose faces are blurred out, and counting large bundles of Russian and American currency. TASS identified one of the people arrested as Roman Muromsky.

Analysts said the timing of the action was notable because it arrived alongside rising tensions between Russia and Ukraine, as U.S. and NATO efforts so far to ease the situation appear to have faltered.

“This is Russian ransomware diplomacy,” said Dmitri Alperovitch, chairman of the Silverado Policy Accelerator, a Washington-based cybersecurity think tank. “It is a signal to the United States—if you don’t enact severe sanctions against us for invasion of Ukraine, we will continue to cooperate with you on ransomware investigations.”

The senior administration official said the crackdown on Friday “is not related to what’s happening with Russia and Ukraine,” and that the U.S. has been clear what penalties Moscow will face if it invades its neighbor.

The Russian Embassy in Washington declined to comment and only referred back to the FSB press release.

The operation against REvil would amount to the most significant action Russia has taken against ransomware gangs that operate within its borders. The group is one of the most notorious ransomware gangs in Russia and was blamed for major attacks last year in the U.S. that disrupted operations at a major meat supplier, for which it netted a ransom payment of $11 million, and another attack that affected about 1,500 businesses.

U.S. officials have long accused Russia of claiming to prosecute hackers and other criminals that they later release and enlist to help in their government cyber operations.

While the arrest of 14 alleged ransomware hackers seems like a significant breakthrough in diplomatic relations, it may merely be intended as a gesture by Russia to placate the U.S. ahead of possible Ukraine-related sanctions, said Gary Warner, director of threat intelligence with the cybersecurity firm DarkTower. “It probably does not mean that a new era of cybercrime cooperation has opened.”

Russia ceased cooperation with U.S. authorities on investigations about eight years ago, around the time of Russia’s annexation of Crimea and U.S. sanctions that resulted, he said.

President Biden last year identified ransomware attacks emanating from Russia to be a top national security threat, and he has repeatedly pressured Russian President Vladimir Putin to crack down on criminal ransomware groups. Ransomware is a type of malicious cyberattack that locks up a computer system and holds data until the victim pays a ransom, typically in cryptocurrency.

Since last summer, U.S. and Russian officials have held several bilateral conversations to discuss the issue. Some of those conversations included the U.S. sharing specific names and intelligence with Russia about hackers identified as ransomware operators, officials familiar with the conversations have previously said.

U.S. officials have offered at times mixed messages about whether Russian ransomware attacks have fallen as a result of the administration’s diplomatic efforts, but until now there has been little public evidence that Moscow was cooperating.

The announcement of the crackdown came amid a growing buildup of Russian troops and military equipment at its border with Ukraine, as the U.S. and western allies have tried unsuccessfully to ease tensions between the neighbors. Ukraine also said Friday it had been hit by a cyberattack that had knocked several of its government websites offline. It wasn’t clear who was responsible.

Ransomware attacks are increasing in frequency, victim losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these attacks are on the rise and what the U.S. can do to fight them. Photo illustration: Laura Kammermann

In its press release the FSB said it had seized REvil’s cash, cryptocurrency wallets used in the alleged criminal operations, and 20 “premium cars” purchased with the group’s stolen money.

First discovered in the spring of 2019, REvil has emerged as one of the most prevalent ransomware families, security experts say. Its creators essentially rent their malicious software out, allowing hackers—called affiliates—who have already broken into corporate networks to deploy the software.

But the group’s operations have been under pressure from law enforcement. In July, the group temporarily ceased operations and the anonymous person who had served as its spokesperson vanished from online forums. The group returned online, only to vanish again in October after its online operations were again closed.

The Justice Department said in November it had seized $6.1 million in digital currency it said was tied to proceeds of an alleged REvil operator and Russian national, Yevgeniy Polyanin, while it unsealed an indictment against him.

The action coincided with an arrest in Poland of a Ukrainian national on charges he had launched the REvil ransomware attack on technology company Kaseya Ltd., which disrupted about 1,500 mostly small- and medium-size businesses in July. Europol, the European Union’s law-enforcement agency, said at the same time authorities in Romania had arrested two other people in connection with REvil.

Write to Dustin Volz at [email protected] and Robert McMillan at [email protected]

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

TAGGED:Tech NewsWall Street Publication
Share This Article
Twitter Email Copy Link Print
Previous Article Netflix Raises Prices on U.S., Canada Plans Netflix Raises Prices on U.S., Canada Plans
Next Article Duck Dynasty star Phil Robertson takes on cancel culture in new book Duck Dynasty star Phil Robertson takes on cancel culture in new book

Editor's Pick

Jordan Peterson Hospitalized, ‘Close to Loss of life’ Amid Weird Eating regimen, ‘A long time of Mould Publicity,’ Daughter Says

Jordan Peterson Hospitalized, ‘Close to Loss of life’ Amid Weird Eating regimen, ‘A long time of Mould Publicity,’ Daughter Says

Studying Time: 3 minutes Based on the most recent replace from his daughter, writer and psychologist Jordan Peterson is coping…

By Editorial Board 5 Min Read
Maggie Baugh: Every part We Know About Keith City’s Rumored New Girlfriend
Maggie Baugh: Every part We Know About Keith City’s Rumored New Girlfriend

Studying Time: 3 minutes Is Keith City hooking up together with his…

4 Min Read
Danielle Fishel Rebuffs Whitney Leavitt After ‘DWTS’ Gaffe
Danielle Fishel Rebuffs Whitney Leavitt After ‘DWTS’ Gaffe

Studying Time: 2 minutes Did Danielle Fishel simply put Whitney Leavitt in…

4 Min Read

Oponion

Savor Sunshine With Menu Concepts for Out of doors Gatherings

Savor Sunshine With Menu Concepts for Out of doors Gatherings

The time period al fresco brings again a few of…

April 13, 2025

Lotus Chooses AWS as Its Most popular Cloud Supplier to Advance Related and Automated Autos

Main clever and luxurious mobility supplier…

December 2, 2024

Can You Leave Twitter and Still Get Twitter? I Tried Mastodon.

This copy is for your personal,…

November 9, 2022

Which iPhone Ought to You Purchase (or Keep away from) Proper Now?

What's New in iOS 26?{Photograph}: Julian…

September 18, 2025

Martha Stewart Shoves Drew Barrymore After Cringeworthy Petting Try

Welp. That was awkward. Martha Stewart…

November 12, 2024

You Might Also Like

A Shock  Deal on WIRED’s Favourite Espresso Maker
Tech

A Shock $80 Deal on WIRED’s Favourite Espresso Maker

Fellow makes a number of the prettiest, most superior espresso tech there may be—together with WIRED's favourite espresso maker, the…

4 Min Read
Cease Fumbling With Your Keys and Get These Good Locks As an alternative
Tech

Cease Fumbling With Your Keys and Get These Good Locks As an alternative

Ultraloq U-Bolt Professional for $170: WIRED reviewer Julian Chokkattu additionally examined the U-Bolt Professional from Ultraloq, which makes use of…

6 Min Read
A Shock  Deal on WIRED’s Favourite Espresso Maker
Tech

Sturdy Prime Day Reductions on Our Favourite Espresso and Espresso Machines

Espresso is most nice within the fall, when it wakes you up on newly darkish mornings and warms you from…

7 Min Read
Google’s Pixel 10 Professional Fold Does not Really feel ‘Pro,’ however It’s Nonetheless Enjoyable
Tech

Google’s Pixel 10 Professional Fold Does not Really feel ‘Pro,’ however It’s Nonetheless Enjoyable

Magnets are probably the most thrilling new function on Google's Pixel 10 Professional Fold for me. I used to be…

4 Min Read
The Wall Street Publication

About Us

The Wall Street Publication, a distinguished part of the Enspirers News Group, stands as a beacon of excellence in journalism. Committed to delivering unfiltered global news, we pride ourselves on our trusted coverage of Politics, Business, Technology, and more.

Company

  • About Us
  • Newsroom Policies & Standards
  • Diversity & Inclusion
  • Careers
  • Media & Community Relations
  • WP Creative Group
  • Accessibility Statement

Contact

  • Contact Us
  • Contact Customer Care
  • Advertise
  • Licensing & Syndication
  • Request a Correction
  • Contact the Newsroom
  • Send a News Tip
  • Report a Vulnerability

Term of Use

  • Digital Products Terms of Sale
  • Terms of Service
  • Privacy Policy
  • Cookie Settings
  • Submissions & Discussion Policy
  • RSS Terms of Service
  • Ad Choices

© 2024 The Wall Street Publication. All Rights Reserved.

Welcome Back!

Sign in to your account

Lost your password?