Seven members of ransomware gang arrested, $10mn bounty announced for leader

Notorious Russian-linked ransomware gang responsible for affecting 5000 victims and extorting money from a host of companies – including a US tech firm and the world’s largest meat processor – has perhaps finally run into a brick wall.  

Seven suspected hackers linked to the gang have been rounded up as part of a global crackdown on the gang, according to European law enforcement personnel.  

While none of the hackers have been identified by name yet, Europol says that two of the suspects have links to REvil (also known as Sodinokibi), a group of ransomware hackers that have been responsible for a slew of high-profile attacks.  

Authorities in Kuwait arrested another hacker last week, while South Korean authorities have arrested three individuals since February. The seventh arrest was made last month in Europe. 

These arrests are all part of a global concerted effort against ransomware attacks called GoldDust. Featuring the United States and 16 other nations, this operation has been hot on REvil’s heels in recent months, especially given how the ransomware gang has affected JBS SA (the world’s largest meat processing company) and Kaseya, a prominent US-based software firm. 

The US Department of Justice (DOJ) charged a 22-year-old Ukrainian linked to the gang for the infamous ransomware attack on Kaseya which affected over 1,500 businesses and carried a ransom demand of $70 million. Moreover, it also seized more than $6 million worth of extorted money from another member of the group. 

“The Justice Department is sparing no resource to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack,” stated US Attorney General Merrick Garland. 

The US State Department has even announced an incredible bounty hunt for the remaining members of REvil.  

As reported by TechCrunch, a sum of $10 million is to be awarded “for information leading to the identification or location of any individual(s) who hold a key leadership position in the Sodinokibi/REvil ransomware variant transnational organized crime group,” as well as up to $5 million for information leading to the arrest or conviction of any individual participating in a REvil variant ransomware incident.