In August, the FBI seized nearly $2 million worth of Bitcoin related to ransomware attacks by Russia-based Aleksandr Sikerin. The criminal is known for his ties to the ransomware group REvil, which has attacked numerous U.S. companies in the past.
FBI seized $1.9 million worth of BTC
The FBI seized 39.89138522 Bitcoin, worth $1.9 million, from an Exodus wallet. The court document explains that the wallet contained REvil ransom payments belonging to a member identified as Aleksandr Sikerin, whose email address is [email protected]. The FBI did not explain how it gained access to the wallet beyond stating that the funds were in its custody, which indicates that it likely had access to the wallet’s private key or secret passphrase.
The seizure was part of an ongoing U.S. effort to cut off the funding sources of Russian and Eastern European cybercriminals following recent attacks on American infrastructure. The White House continues to appeal to Russian President Vladimir Putin to take action against malicious actors operating within Russia’s borders. Earlier this month, the U.S. Department of Justice (DOJ) announced that it had seized $6.1 million from Yevgeniy Polyanin, a Russian national “charged with deploying Sodinokibi/REvil ransomware to attack businesses and government entities in the United States.”
What is REvil?
REvil operates as a Ransomware-as-a-Service (RaaS), in which the lead operators partner with third-party hackers known as affiliates. Under this arrangement, the lead operators develop and manage the encryption/decryption software, payment portal, and data leak sites. The affiliates are tasked with hacking corporate networks, stealing data, and using ransomware to encrypt devices. The hackers often demand a payment in cryptocurrencies such as Monero or Bitcoin in their ransomware attacks.
Earlier this year, REvil attacked JBS USA, the world’s largest meat processor, with more than $50 billion in annual sales. The attackers encrypted sensitive JBS data, crippling production, and demanded a ransom of $11 million in Bitcoin. The meat producer decided to pay the demand, fearing it would fall victim to another attack that could further harm the customers who rely on the company’s products.