Russia says it has disbanded the REvil hacking team at the request of the US News

Moscow says it has attacked a group of ransomware cybercriminals suspected of attacks on U.S. companies, at Washington’s request.

Russia has disbanded the REvil ransomware crime group at the request of the US in an operation that arrested and charged members of the group, according to the Russian Federal Security Service (FSB) home intelligence service.

The FSB said in a statement on Friday that it had “suppressed the illegal activities” of members of the group in a search of 25 addresses that carried 14 people.

The arrests were a rare demonstration of US-Russian cooperation during a period of high tensions between them in Ukraine.

The announcement came as Ukraine was responding to a major cyber-attack that shut down government websites, although there was no indication that the incident was related.

A senior administration official told Reuters he wanted to remain anonymous: “We understand that a person arrested today was responsible for the attack on Colonial Pipeline last spring.”

A May cyber attack on the Colonial Pipeline that caused the spread of gas shortages on the East Coast of the United States used encryption software called DarkSide, developed by members of REvil.

A US official quoted by the AFP news agency also praised the arrests, saying: “I want to be very clear, in our opinion, that this has nothing to do with what is happening with Russia and Ukraine.

“I’m not talking about the reasons for the Kremlin, but we’re happy with these initial actions,” he said on condition of anonymity.

“We have also been very clear: if Russia invades Ukraine more … we will impose a heavy cost on Russia in coordination with our allies.”

The FSB listed the seized REvil assets, including 426 million rubles, $ 600,000, 500,000 euros, 20 computer equipment and 20 luxury cars.

A Moscow court has identified two of the men as Roman Muromsky and Andrei Bessonov and jailed them for two months.

Two friends who know Muromsky told Reuters that he was a web developer who helped them with their business websites.

No official comments from the US

Russia has reported directly on Washington’s move against the group, the FSB said. The U.S. embassy in Moscow said it could not comment immediately.

“The investigative measures were based on a request from the United States,” the FSB said. “… The organized criminal association has ceased to exist and the information infrastructure used for criminal purposes has been neutralized.”

The REN television channel filmed agents searching homes and arresting people, putting them on the ground and seizing large piles of Russian dollars and rubles.

The team members have been indicted and could face up to seven years in prison, the FSB said.

A source familiar with the case told Russia’s Interfax news agency that members of the group with Russian citizenship would not be handed over to the United States.

The U.S. announced in November that it was offering a $ 10 million prize for identifying or locating anyone with a key role in the REvil group.

The country has been hit by a series of notorious cybercriminals seeking rescue. A source familiar with the matter told Reuters in June that REvil JBS SA suspected it was a ransomware attack on the world’s largest meat-packing company.

Washington has repeatedly accused the Russian state of engaging in malicious activity on the Internet, and Moscow denies it. REvil has been tied up for months without much attack.

Muromsky, who was arrested in Friday’s attacks, is 30 years old and was born in Anapan, southern Russia, a client told Reuters. “He worked as a regular programmer.”

Another client, Adam Guzuyev, described Muromsky as a “regular employee” who proved that Guzuyev could not install all the features he wanted on his website.

“He did not earn more than 60,000 rubles. I can’t say he has genius skills, ”he said.