We very well remember that fateful holiday weekend in which Kaseya was attacked by REvil. The attack immobilized hundreds of businesses as the gang encrypted their data. However, this latest development is gonna make you really, really glad.

What’s going on?

Romanian and South Korean police arrested five people reportedly associated with REvil. In the U.S., officials issued indictments against a Ukrainian national and a Russian national for their alleged involvement in REvil ransomware attacks. In addition, authorities seized $6.1 million in ransom payments.

What does this imply?

After the Kaseya attack, and alongside the shutdown of the DarkSide ransomware gang, REvil was forced to go offline. While it attempted to reemerge, it was eventually shut down by the U.S. and European allies. The indictments suggest that the hybrid approach by law enforcement can apprehend key ransomware players if and when they slip up. The seizure of the money shows that even if authorities can’t take them into custody, they can definitely interrupt the cybercriminals’ revenue streams.

More good news

  • The U.S. Treasury Department sanctioned the Chatex cryptocurrency exchange for helping ransomware gangs evade detection and abetting ransom transactions. This came after the Treasury sanctioned the Suex crypto exchange in September.
  • The U.S. Department of State is offering up to $10 million for information on DarkSide leaders. It is also offering up to $5 million for aiding in the arrest of DarkSide affiliates.

The bottom line

While ransomware attacks are relentless, recent crackdowns by law enforcement have forced some big players to close shop, even if temporarily. Nevertheless, it is unclear how much these actions will affect future ransomware operations. 

Cyware Publisher
