iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Four cyber criminals of the REvil ransomware gang have been charged and sentenced by the Russian courts.
Artem Zayets, Alexei Malozemov, Daniil Puzyrevsky and Ruslan Khansvyarov, all members of the Russian ransomware gang behind the Medibank breach, were all found guilty of transferring or using illicit financial sources by St Petersburg courts on 25 October.
Puzyrevsky and Khansvyarov were also charged with the use and distribution of malware, according to reports.
Despite the four being in custody since 2022 when the REvil ransomware gang was dismantled by the Russian FSB, none of them have confessed to their crimes.
Puzyrevsky faces the longest sentence of the four with six years in prison, followed by Khansvyarov with five and a half years, Malozemov with five years and Zayets with four and a half.
The FBI and global law enforcement previously attempted to dismantle the REvil ransomware gang in 2021; however, the group reappeared until the Russian FSB seized the group in January 2022, arresting 14 people and seizing infrastructure and assets.
The Russian takedown of a Russian threat group came as a surprise to many as the Kremlin rarely goes after local cyber gangs. However, even more surprisingly, the FSB says it arrested the gang members at the request of the US.
Prior to the latest arrests, Australia, the US and the UK announced a number of sanctions on the REvil hacker believed to be behind the 2022 Medibank, which affected 9.7 million Australians.
“I can confirm that thanks to the hard work of the Australian Signals Directorate and the AFP, we have linked Russian citizen and cyber criminal Aleksandr Ermakov to the attack,” Foreign Minister Penny Wong said at a press conference.
“Australia has used cyber sanctions powers for the very first time on a Russian individual for his role in the breach of the Medibank Private network.”
The US and UK quickly followed suit, with the sanctions marking the first of their kind between the three out of five Five Eyes nations.
“Russian cyber actors continue to wage disruptive ransomware attacks against the United States and allied countries, targeting our businesses, including critical infrastructure, to steal sensitive data,” said Brian E Nelson, Under Secretary of the Treasury, in a statement.
“Today’s trilateral action with Australia and the United Kingdom, the first such coordinated action, underscores our collective resolve to hold these criminals to account.”
Be the first to hear the latest developments in the cyber industry.
