Monday, November 4, 2024
HomeRansomwareRomanian Authorities Arrested Two REvil Ransomware RaaS Family Affiliates

Romanian Authorities Arrested Two REvil Ransomware RaaS Family Affiliates

Published on

Malware protection

Seven users were recently being suspected of using ransomware services on the Internet were arrested, and out of that seven users, five detainees are assumed of having links with the REvil group.

However, among the five detainees, one is a Ukrainian imposed by the United States with ransomware attacks that include the Kaseya attacks which were attributed to REvil.

While Europol affirmed that the suspects are considered to have harmonized more than 5,000 ransomware attacks and they have also forced close to $600,000 from victims.

- Advertisement - SIEM as a Service

On November 4 an arrest took place which was a  part of a joint operation named as GoldDust, this operation led to the arrest of three other REvil members, and out of the three, two suspects have been connected to GandCrab in Kuwait and South Korea.

DOJ Seizes $6.1M in Ransom Profits

The U.S. Department of Justice (DOJ) opened an accusation that is crediting Yaroslav Vasinskyi, 22, a citizen of Ukrainian, that has been conducting ransomware attacks against multiple victims.

Moreover, the DOJ also stated that they have seized $6.1 million as ransom payments, and this money was being received by Yevgeniy Polyanin, 28, a Russian citizen, who is also charged for conducting several attacks in Texas.

Operation GoldDust

The operation GoldDust was done specifically to arrest the members of REvil ransomware group. The REvil operators pronounced that their infrastructure went down and they are discontinuing their operations for the time being but that will soon come back.

The Europol declared the results of the GoldDust operation, in which it was found that 17 other countries participated in it, with the support of Interpol and Eurojust.

Lastly, during the period of their activity, the threat actors have attacked about 7 thousand users, requesting a total of more than 200 million euros as ransom.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Lauch Massive Cyber Attack

The "You Dun" hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging...

Embargo Ransomware Actors Abuses Safe Mode To Disable Security Solutions

In July 2024, the ransomware group Embargo targeted US companies using the malicious loader...

Hackers Use Fog Ransomware To Attack SonicWall VPNs And Breach Corporate Networks

Recent cyberattacks involving Akira and Fog threat actors have targeted various industries, exploiting a...