REvil's attorney offers gangs' funds and manpower for war in Ukraine


Extortion money and cybercriminals could enter the conflict as the case against Revil in Russia hit a dead-end amidst the Kremlin's invasion of Ukraine.

Russia's war in Ukraine might save members of the notorious REvil ransomware cartel from prosecution. With Washington and Moscow relations at their lowest since the end of the Cold War, the case against REvil gang members has hit a deadlock.

In January, Russia's domestic intelligence service, the FSB, detained 14 REvil-linked people at US request. However, American authorities refused to cooperate with their Russian counterparts further, claims Kommersant, a Russian business news outlet.

ADVERTISEMENT

The reason behind the lack of enthusiasm on America's part is Russia's war in Ukraine. Kommersant does not spell this out, as Russian media is not allowed use the term 'war' when describing hostilities that Russia kick-started.

One of the attorneys representing REvil spotted an interview with Dmitry Korotaev, the head of Russia's Security Council. He told journalists that the investigation of cybercriminals was suspended due to a lack of cooperation with the US.

According to Kommersant, the Russian side has only enough information to accuse the suspects of using stolen credit card information that belongs to two persons living in the US.

According to REvil's attorney Igor Vargin, there is no information about more victims or any damaged data, and there's no indication of any damage the defendants inflicted. He added that there were no victims in Russia.

Interestingly enough, to avoid the case going to court Vargin hinted the group members would be willing to transfer the seized funds to help prop up Russia-occupied territories in Ukraine, which Moscow claims are independent states.

During January's arrests, the FSB had seized 426 million rubles, $600,000, 500,000 euros, computer equipment, 20 luxury cars, and other assets.

"At the same time, the unique experience of the former defendants would certainly be useful to the Russian special services in the fight against hackers from Ukraine that have become more active lately," Vargin said.

ADVERTISEMENT

Competing hacker groups launched numerous attacks after Russia invaded Ukraine on 24 February. Anonymous, Ukraine's IT Army, Hacker Forces, and many other hacktivist groups started targeting Russia's state-owned enterprises and businesses.

REvil affiliates are suspected to be behind some of the most notorious recent ransomware attacks where threat actors penetrated the Colonial Pipeline, meat supplier JBS, and software company Kaseya.

Last November, the US Treasury offered a bounty for information on REvil members. A reward of up to $10 million was offered for information leading to the identification or location of Sodinokibi/REvil leadership.