4 REvil hackers put behind bars by Russia

4 REvil hackers put behind bars by Russia

Four cybercriminals of the REvil ransomware gang have been charged and sentenced by Russian courts.

Artem Zayets, Aleksey Malozemov, Daniil Puzyrevsky and Ruslan Khansvyarov, members of the Russian ransomware gang behind the Medibank breach, were killed on October 25 in St. He was found guilty by St. Petersburg courts of illegally transferring or using financial resources.

According to reports, Puzyrevsky and Khansvyarov were also accused of malware use and distribution.

Although the four men have been in custody since 2022, when the REvil ransomware gang was dismantled by the Russian FSB, none of them confessed to their crimes.

Puzyrevsky faces the longest prison sentence of the four with six years in prison, followed by Khansvyarov with five and a half years in prison, Malozemov with five years in prison and Zayets with four and a half years in prison.

The FBI and global law enforcement previously attempted to take down the REvil ransomware gang in 2021, but the group reemerged until the Russian FSB captured the group in January 2022, arresting 14 people and seizing infrastructure and assets.

Russia’s takedown of a Russian threat group came as a surprise to many, as the Kremlin rarely goes after domestic cyber gangs. But even more surprising is that the FSB said it arrested the gang members at the request of the United States.

Before the latest arrests, Australia, the US and the UK had announced a series of sanctions against the REvil hacker believed to be behind the 2022 Medibank hack affecting 9.7 million Australians.

“I can confirm that thanks to the hard work of the Australian Signals Directorate and the AFP, we have linked Russian citizen and cybercriminal Aleksandr Ermakov to the attack.” Foreign Minister Penny Wong he said at a press conference.

“This is the first time Australia has used cyber enforcement powers on a Russian individual for his role in the breach of the Medibank Private network.”

The US and UK quickly followed suit, with sanctions the first of their kind among three of the Five Eyes countries.

“Russian cyber actors continue to launch devastating ransomware attacks against the United States and allied countries, targeting our businesses, including critical infrastructure, to steal sensitive data.” said Treasury Secretary Brian E. Nelson.in a statement.

“Today’s tripartite action with Australia and the UK, the first such coordinated action, underlines our shared determination to hold these criminals to account.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding and experience of writing in technology. After studying at Macquarie University, he joined Momentum Media in 2022 and has written for a number of publications including Australian Aviation, Cyber ​​Security Connect and Defense Connect. Apart from writing, Daniel has a keen interest in music and spends his time playing in bands around Sydney.