Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges.

Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov guilty of illegal circulation of means of payment. Puzyrevsky and Khansvyarov have also been found guilty of using and distributing malware.

To that end, Zaets and Malozemov were sentenced to 4.5 and 5 years in prison. Khansvyarov and Puzyrevsky received a jail term of 5.5 and 6 years, respectively.

The four individuals are part of a group of 14 people who were initially detained in connection with the case. As reported by TASS back in January 2022, eight of them were charged by the court for their malicious activities.

The remaining four members, Andrei Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotaev, are being prosecuted under a new criminal case related to unlawful access to computer information, Kommersant added.

REvil, which was once one of the most prolific ransomware groups, was dismantled after Russia's Federal Security Service (FSB) announced arrests against several members in an unprecedented takedown.

Earlier this year, a 24-year-old Ukrainian national named Yaroslav Vasinskyi was sentenced to 13 years in prison in the U.S. and ordered to pay $16 million in restitution for carrying out more than 2,500 REvil ransomware attacks and demanding ransom payments to the tune of more than $700 million.

The sentencing of REvil members in Russia also comes a month after authorities in the country opened an investigation into Cryptex and UAPS, both of which were sanctioned by the U.S. for offering money laundering services to cybercriminals.