
REvil

Company

REvil is an organized group of cybercriminals providing ransomware services. When a victim refused to pay the ransom, REvil published the victim's confidential information on its page called Happy Blog.

Main article: Russian hackers

History

2025: Four hackers, Andrei Bessonov, Mikhail Golovachuk, Roman Muromsky and Dmitry Korotaev, sentenced to 5 years in prison for stealing money from bank cards using viruses

In June 2025, the Dzerzhinsky District Court of St. Petersburg sentenced four members of the hacker group REvil to five years in a general regime colony, finding them guilty of stealing funds from bank cards using malware. The verdict was handed down to Andrei Bessonov, Mikhail Golovachuk, Roman Muromsky and Dmitry Korotaev.

According to the investigation, the defendants in the case were engaged in carding schemes and distributed viruses for unauthorized access to financial information. The court credited the defendants' time in the pre-trial detention center against their sentences and released them from the courtroom. They were convicted under part two of Article 187 of the Criminal Code of Russia for illegal circulation of means of payment and under Article 273 of the Criminal Code for the creation and distribution of malicious computer programs.


The court ordered the confiscation from Bessonov of two BMW cars, a 2020 X6 Competition and a 2020 4 Series, as well as cash in the amount of ₽51.8 million and $497.4 thousand. A 2019 Mercedes-Benz C200 4Matic car was seized from Korotaev.

According to the materials of the investigating authorities, the criminal organization was formed no later than October 12, 2015. The group members specialized in the development and use of malicious software to obtain bank card details and other payment information.

Muromsky and his accomplices created software for unauthorized entry into Internet resources and theft of confidential data. Golovachuk, Bessonov and Korotaev acquired, stored and used the information obtained to purchase expensive goods, game currency and virtual valuables on the Internet.[1]

2024

The court of St. Petersburg gave up to 6 years in prison to hackers from the REvil group

On October 25, 2024, the St. Petersburg Garrison Military Court sentenced four members of the REvil hacker group. They received from four and a half to six years in prison for the illegal circulation of means of payment and the distribution of malicious software.

In January 2022, the FSB announced the liquidation of the REvil group. In Moscow, St. Petersburg, and the Moscow, Leningrad and Lipetsk regions, 14 cybercriminals were detained, but eight of them appeared before the court: Artem Zayets, Alexey Malozemov, Daniil Puzyrevsky, Ruslan Khansvyarov, Andrei Bessonov, Mikhail Golovachuk, Roman Muromsky and Dmitry Korotaev. Members of the group are associated with attacks on companies such as Quanta Computer, JBS Foods, Acer, Kaseya and others. However, according to the defendants' lawyers, the final indictment contained no episodes relating to the listed companies, and the arrested persons were charged with stealing funds from bank cards of some Americans.


In accordance with the court ruling, Zayets and Malozemov were found guilty under Part 2 of Art. 187 of the Criminal Code of the Russian Federation (illegal circulation of means of payment as part of an organized group). They received four and a half and five years in a general regime colony, respectively. Puzyrevsky and Khansvyarov received five and a half and six years in prison for the creation, use and distribution of malware (Part 2 of Art. 273 of the Criminal Code).

According to RBC, the court also ordered the property and funds of the convicts to be turned into state income. In particular, 268 million rubles, $422.6 thousand, €1 million, cars of the Porsche, BMW (two models), Mitsubishi, Subaru and UAZ brands, as well as watches of the Audemars Piguet brand, were confiscated from Puzyrevsky. From Malozemov, 9 million rubles, a BMW car, Cartier jewelry and a Hublot watch were confiscated, and from Khansvyarov, an Audi car.[2]

In the US, a Ukrainian hacker from the REvil group was sentenced to 13 years in prison for extorting $700 million from companies

On May 1, 2024, the US Department of Justice announced that Yaroslav Vasinsky, a Ukrainian hacker from the REvil group, was sentenced to 13 years and 7 months in prison for cybercriminal activities. He is alleged to have participated in extortion schemes totaling more than $700 million.

2022

Deadlock in the investigation of the criminal case of members of the group

The investigation of the criminal case of members of the group of hackers REvil, detained by the FSB in January 2022 on a tip from the US special services, has stalled. This became known on May 27, 2022.

The American authorities refused to cooperate further with Russia, so investigators were able to charge the suspected cyber fraudsters, who allegedly stole tens of millions of dollars from the world's largest corporations, only with bank card fraud involving two Mexicans living in the United States.

According to the investigation, the accused remotely stole a certain amount of money from their cards and spent it on goods in US online stores through the Mail Order/Telephone Order system, which allows the buyer to pay the seller via electronic means of communication. At the same time, neither the victims themselves nor the investigation have any data on the damage caused to them, and it is now unlikely that they will be found.

Law enforcement is unlikely to be able to obtain in court the confiscation to state income of the assets of the accused in the case, consisting of a total of $600 thousand, €500 thousand, 20 premium cars and bitcoins, tentatively estimated at 426 million rubles.

The Ministry of Internal Affairs seized €1 million, $950 thousand, 20 bitcoins and 300 million rubles from the hacker group

On April 6, 2022, the seizure of a large sum of money from members of the hacker group REvil became known. According to Russian law enforcement agencies, the arrested cybercriminals may be involved in embezzlement of funds from US citizens and legal entities.

According to Interfax, citing Sergei Lebedev, Deputy Minister of Internal Affairs of Russia and head of the Investigative Department of the Ministry of Internal Affairs, 16 technical, forensic and computer forensic examinations have been ordered as part of the case. As a result of 26 searches, 300 million rubles, about $950 thousand and more than 1 million euros, as well as a flash drive with about 20 bitcoins, were seized from the defendants in the case.


Lebedev recalled that the special operation of the FSB to suppress the activities of the hacker group was carried out after the appeal of the competent US authorities for help in investigating the theft of funds of Americans and their companies, but now foreign partners are in no hurry to provide the necessary information that would allow the perpetrators to be brought to justice and restore the violated rights of their own citizens, said the deputy head of the Russian department.

In January 2022, the FSB, in cooperation with the Investigative Department of the Ministry of Internal Affairs of Russia, detained members of the cybercriminal community known as REvil in Moscow, St. Petersburg, and the Moscow, Leningrad and Lipetsk regions. Along with the arrests in Russia, five cyber cops were arrested in Ukraine.

According to the FSB, the detainees developed malicious software and organized the theft of money from the bank accounts of foreign citizens and its cashing out, including by purchasing expensive goods on the Internet. As of the beginning of April 2022, the amount of damage from the hackers' actions had not been reported.[3]

Notes