Community Feature - @SttyK
Curated Intelligence's OSINT Ninja - Sh1ttyKids - has shared a collection of geolocation reports related to the REvil ransomware gang. On 14 January, the Russian FSB issued a press release following the takedown of the REvil ransomware gang. After the press release, the identities of several REvil members has been publicly disclosed. In the FSB's video, the home addresses of the REvil members was shown during the raids.
https://twitter.com/i/events/1482283630097543169
REvil's arrest on Russian soil is an unprecedented turning point in the fight against ransomware. The reaction on the Russian cybercriminal underground forums has so far been of betrayal and fear. Ransomware has gone unchecked for years. Groups like EvilCorp have publicly flaunted their wealth on social media and on the streets of Moscow. It makes it virtually impossible to believe that the FSB had no knowledge of these ransomware groups, voting instead to let them operate openly as long as they only target America.
Curated Intel Community Features are sourced using our Member Content channel on Discord. If you have recently produced a noteworthy piece of writing, a project, a podcast, an infographic or other CTI content let us know!