REvil, the ransomware group that leaked MacBook Pro design schematics and even tried to get Apple vendor Quanta to pay a ransom, has been arrested by Russian authorities.
The group had accessed the internal computers of Apple’s main MacBook supplier Quanta Computer Inc, which is based in Taiwan. REvil threatened Quanta with ransomware, demanding $50 million by April 27, 2021, in order to stop it from leaking product blueprints. However, after Quanta did not comply, REvil turned to Apple for the ransom, but later dropped its demands.
REvil ransomware group is no more
These are the same schematics that had confirmed MacBook Pro features such as an SD card reader, MagSafe, three USB-C ports, and HDMI well before the official launch of the product.
Russian security service FSB has announced that it has arrested the leader of the group, who gave up information on its operations as well as on other members. This was done at the request of US authorities, who shared details of the group leader.
The search activities were based on the appeal of the US competent authorities, who reported on the leader of the criminal community and his involvement in encroaching on the information resources of foreign high-tech companies by introducing malicious software, encrypting information and extorting money for its decryption.
The resulting arrests helped in recovering funds in various currencies, cryptocurrency, computer equipment, and other assets including cars bought with the ransomware money.
As a result of a complex of coordinated investigative and operational-search measures in 25 addresses at the locations of 14 members of an organized criminal community, funds were seized: over 426 million rubles, including in cryptocurrency, 600 thousand US dollars, 500 thousand euros, as well as computer equipment, crypto wallets used to commit crimes, 20 premium cars purchased with money obtained from crime.
The group has been charged with “Illegal turnover of means of payments” under the Russian criminal code.