On Friday, the Russian government announced the arrest of members of a criminal hacker group known as REvil, which is accused of major attacks on US businesses and critical infrastructure.
Russia’s security service, the FSB, said in a press release that it had stopped REvil’s “illegal activities” and confiscated funds belonging to the group from more than two dozen homes in Moscow, St. Petersburg and elsewhere. Members of REvil were arrested on charges of money laundering.
According to a senior Biden administration official, the arrests included “the person responsible for the attack on the Colonial Pipeline last spring.” The largest attack resulted in the shutdown of the main pipeline on the east coast of the United States for several days. The temporary pipeline shutdown triggered massive panic buying at gas stations on and around the East Coast of the United States, leading to shortages in at least 11 states.
“We welcome reports that the Kremlin is taking law enforcement action to combat ransomware on its soil,” the US official said.
The Russian state news agency TASS reported that 14 REvil members were arrested. In a video released by TASS, Russian law enforcement agencies break into apartments, detain suspects with blurred faces, and count large wads of Russian and US currency. TASS identified one of the detainees as Roman Muromsky.
Previously it was reported that Ukraine blamed Russia in the largest cyberattack on government websites in four years.