Eight suspected members of the Russian criminal hacker group REvil, who were arrested by the FSB security service in January, are likely to be released. According to the Russian newspaper Kommersant, the US authorities, who had asked for the arrests at the time, are now refusing to cooperate with the judicial investigation, which has brought it to a halt.
The suspects could therefore only be prosecuted for fraud with bank cards from two “Mexicans living in the United States”. Their lawyers say in the newspaper that they will ask for the release of their clients and propose a settlement under which their clients could help in the cyber war against Ukraine. The Department of Justice in Washington is not responding to questions about the case from U.S. media.
The release of the REvil hackers would put an end to any lingering hope of Russian participation in the fight against cybercrime, which has disruptive consequences worldwide. Even before relations between Russia and the West deteriorated further as a result of the war in Ukraine, the long-standing attitude of the Russian authorities towards criminal hackers was a major source of irritation in the West.
The proposed settlement would fit the picture that the Russian authorities regularly use the services of cybercriminals, who would be forced to cooperate if necessary.
Most infamous gangs
REvil has been one of the largest and most notorious so-called ransomware gangs of recent years. Such gangs extort victims by encrypting their files. In an interview with a Russian investigator, an alleged member of the gang once boasted that REvil had earned over $100 million in one year.
The US Federal Bureau of Investigation (FBI) holds the group responsible for disruptive ransomware attacks on several Western companies, including the world’s largest meat processor JBS and IT service provider Kaseya. One of the detainees is also said to have previously been involved in the hack of Colonial Pipeline, which operates the main oil, gasoline and petroleum pipeline on the U.S. East Coast. The attack and the subsequent hoarding frenzy among motorists caused local fuel shortages.
Several suspects were arrested in January raids in several Russian cities, and Russian authorities seized computer equipment, 20 expensive cars and large sums in rubles, dollars, euros and cryptocurrencies.
The takedown of REvil was surprising: Western governments have long accused Russia of a tolerant stance on cybercrime. Hackers operating from Russia would largely remain untouched as long as they do not claim victims at home. Western intelligence services and security researchers even see evidence of close links between some cybercriminals and the Russian government. US President Joe Biden complained about this in June during his meeting with his Russian counterpart Vladimir Putin in Geneva.
Help for Donbas
Russia’s crackdown on REvil took place amid rising tensions over Ukraine. By that time, Russia had already sent many tens of thousands of soldiers to the border with the neighboring country. Shortly before, Ukrainian government websites and other computer systems had been hit by a cyber attack, which the Americans blame on hackers from the Russian army. Some analysts saw in the arrests no sign of rapprochement, but rather a warning: in their view, the Russians wanted to show that they had complete control over the hackers. The impending settlement fits into that picture.
In Kommersant, lawyer Igor Vagin says he will aim for a settlement under which the suspects will not be prosecuted. They would voluntarily donate their seized assets to humanitarian aid for residents of the pro-Russian separatist “people’s republics” of Donetsk and Luhansk in Ukraine. “In addition, the suspects’ experience could certainly be useful for Russian services in the fight against Ukrainian hackers, who have been very active lately.”