Crackdown Alarms Cyber Criminals

The Russian Federal Security Service has announced that members of the REvil ransomware gang have been detained after mid-January raids in several regions of the country. Previous action by Europol resulted in the arrest of a suspected REvil affiliate near the Polish and Ukrainian border. It is generally acknowledged that the biggest and most dangerous ransomware operations are in Russia, where they are comfortable in the knowledge that the authorities will ignore attacks targeting the West. That may be changing, either because of diplomatic pressure or less-publicized counterattacks that hit Russia where it hurts. “This is a big change. I have no desire to go to jail,” wrote one member of an online forum ransomware hackers frequent. “One thing is clear,” wrote another, “those who expect that the state would protect them will be greatly disappointed.” Among the concerns they voice is that administrators of the dark web communities who have details about their users could be forced to work for law enforcement following arrest.