Multiple arrests have been made recently as part of a nationwide ransomware sting, according to a Tuesday (Nov. 9) report from NBC News.
The U.S. and European Union recently made seven arrests, with each suspect accused of using malicious software for Russian-based ransomware-as-a-service REvil, according to the report.
On Monday (Nov. 8), law enforcement officials nabbed $6.1 million in ransom payments and federal prosecutors charged Ukrainian national Yaroslav Vasinskyi after a July ransomware attack on American software company Kaseya, as PYMNTS reported. Vasinskyi, as well as Russian national Yevgeniy Polyanin, were charged with conspiracy to commit fraud and conspiracy to commit money laundering, among other charges.
In late July, following the ransomware attack, Kaseya found a universal key that could decrypt the more than 1,000 businesses and organizations impacted by the attack.
There are several reasons the Florida company could have received the key: Kaseya could have put up funds; the government might have offered payment in exchange; victims could have contributed funds for its release; or the Kremlin might have taken the key from the scammers and provided it through a third party, PYMNTS noted.
The Kaseya attack was significant because it spread through software via managed service providers, which facilitate multiple customer networks’ software updates and security patches.
Romania, South Korea and Kuwait have also arrested suspects alleged to be involved with REvil since late last week, according to NBC News.
REvil was said to be responsible for the cyberattacks of 200 companies through the Kaseya ransomware scheme. In all, REvil has said more than one million systems were impacted.
In May, REvil launched a ransomware attack on the U.S.-based meatpacker JBS, which yielded an $11 million ransom.
So far in 2021, scammers have extorted roughly $33 million in bitcoin, according to PYMNTS.