Russia has conducted a special operation against ransomware crime group REvil at the request of the United States and has detained and charged the group’s members, the FSB domestic intelligence service said Friday.
The arrests were a rare apparent demonstration of collaboration between Russia and the United States, at a time of high tensions between the two over Ukraine. The announcement came even as Ukraine was responding to a massive cyberattack that shut down government websites, though there was no indication the incidents were related.
A joint police and FSB operation searched 25 addresses, detaining 14 people, the FSB said, listing assets it had seized, including 426 million rubles, $600,000, 500,000 euros, computer equipment and 20 luxury cars.
Russia informed the United States directly of the moves it had taken against the group, the FSB said on its website. The U.S. Embassy in Moscow said it could not immediately comment.
“The investigative measures were based on a request from the … United States,” the FSB said. ” … The organized criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralized.”
The REN TV channel aired footage of agents raiding homes and arresting people, pinning them to the floor, and seizing large piles of dollars and Russian rubles.
The group members have been charged and could face up to seven years in prison.
A source familiar with the case told Interfax the group’s members with Russian citizenship would not be handed over to the United States.
The United States said in November that it was offering a reward of up to $10 million for information leading to the identification or location of anyone holding a key position in the REvil group.
The United States has been hit by a string of high-profile hacks by ransom-seeking cybercriminals. A source with direct knowledge of the matter told Reuters in June that REvil was suspected of being the group behind a ransomware attack on the world’s biggest meatpacking company, JBS SA.
Washington repeatedly has accused the Russian state in the past of malicious activity on the internet, which Moscow denies.