The European Police Organization, Europol, announced that this year, five hackers were arrested, suspected of having committed thousands of ransomware attacks. They are said to be involved with REvil, a Russian-led hacker group with a bad reputation in the field.
The targets of REvil (which stands for Ransomware-Evil) included the American Colonial Pipeline and JBS, a meat processor originally from Brazil and operating around the world.
Hackers are responsible for 5,000 attacks on companies where they “hold” computer systems hostage. Romanian police arrested two of the five suspects last week. All in all, the two would extort half a million euros from companies.
Big Guest Cards
Earlier this year, three suspects were arrested in South Korea. Operation GoldDust, which led to the arrests, was very extensive: in addition to Europol, police officers from 17 countries were involved, including the Netherlands, the United States, Canada, the United Kingdom, Germany, France and Australia. Interpol and Eurojust also participated, and technology companies such as KPN and McAfee contributed their expertise.
The approach was based on the dismantling of GandCrab, a hacker group that was guilty of the same practices and which is the predecessor of REvil. The hackers would have demanded a total of about 520 million euros in ransom for all their attacks. It’s not clear if they actually got it: Europol claims that at least some of the hacks were prevented with encryption software, which can be used to undo the hostage taking.
The closure of the Colonial pipeline in May led to fuel shortages across much of the East Coast of the United States. The US authorities offered a reward of approximately 10 million euros for information leading to the arrest of Revell’s leaders.