Five hackers linked to ransomware gang REvil arrested since Feb -Europol

The arrests of the suspects, including two on Nov. 4 by Romanian authorities, were part of Operation GoldDust that involved Europol, Eurojust and Interpol, it said.

European Union flags flutter outside the European Commission headquarters in Brussels, Belgium, March 24, 2021 (photo credit: REUTERS/YVES HERMAN)
European Union flags flutter outside the European Commission headquarters in Brussels, Belgium, March 24, 2021
(photo credit: REUTERS/YVES HERMAN)

Five hackers linked to ransomware group REvil and responsible for thousands of cyberattacks have been arrested since February, European Union's law enforcement agency Europol said on Monday.

The arrests of the suspects, including two on Nov. 4 by Romanian authorities, were part of Operation GoldDust that involved Europol, Eurojust and Interpol, it said.

The suspects have allegedly extorted an estimated 500 million euros ($577.70 million) from companies for restoring their computer systems after hacking them.

Last month, Reuters had exclusively reported that the group REvil was itself hacked and forced offline by a multi-country operation, according to three private sector cyber experts working with the United States and one former official.

 People pose in front of a display showing the word 'cyber' in binary code, in this picture illustration taken in Zenica December 27, 2014. Picture taken December 27, 2014. (credit: REUTERS/DADO RUVIC/FILE PHOTO)
People pose in front of a display showing the word 'cyber' in binary code, in this picture illustration taken in Zenica December 27, 2014. Picture taken December 27, 2014. (credit: REUTERS/DADO RUVIC/FILE PHOTO)

Former partners and associates of Russian-led criminal gang REvil, or "Ransomware-Evil," were the ones responsible for a May cyberattack on the Colonial Pipeline that led to widespread gas shortages on the US East Coast. REvil's direct victims include top meatpacker JBS.

Operation GoldDust, to which 17 countries including the United States, the UK, France, Australia and Germany are party to, was created based on investigations targeting a prolific old ransomware strain GandCrab, which is seen as the predecessor of REvil.