The following is a machine translation of a report at the Russian news outlet, Kommersant, concerning the sentencing of four members of the REvil ransomware group:
On Friday, October 25, the St. Petersburg Garrison Military Court announced the verdict against Artem Zayets, Aleksey Malozemov, Daniil Puzyrevsky and Ruslan Khansvyarov. The court found them guilty of illegal circulation of means of payment (Part 2 of Article 187 of the Criminal Code of the Russian Federation). Puzyrevsky and Khansvyarov were also found guilty of using and distributing malicious programs (Part 2 of Article 273 of the Criminal Code of the Russian Federation), a Kommersant-SPb correspondent reports from the courtroom.
Zayets and Malozemov were sentenced to 4.5 and 5 years in a general regime penal colony, respectively. Khansvyarov and Puzyrevsky received 5.5 and 6 years, respectively.
Read more at Kommersant[.]ru.
The arrests took place in January 2022, and defendants were detained since then. Others who were also arrested are still facing trials.
The arrests were surprising. One person involved with REvil who had communicated frequently with DataBreaches told DataBreaches that he had been questioned for about two hours by FSB and then released. But after a brief re-emergence of REvil and their discovery that the server was compromised, DataBreaches never heard from either of her REvil contacts again. DataBreaches suspects that one of her two Revil sources is one of those who was detained and possibly sentenced now.
If the initial detention of the defendants was a surprise, their continued detention and prosecutorial recommendations for sentences were even more surprising. That Russia would arrest any of its nationals was the result of President Biden urging Putin to do something to rein in Russian hackers who were attacking the U.S. There were a number of arrests in the summer of 2021, and the arrest of the REvil members in early 2022 was at the request of the U.S. and based on information provided to Russia by the U.S.
But for reasons that are not clear, after the individuals were arrested, the U.S. didn’t pursue the case. DataBreaches expected the Russian government would then drop their case, but they didn’t.
None of the defendants have ever confessed. Their counsel has pointed out what they claim are significant procedural errors the prosecutors have made. But challenges have failed. More convictions and sentences can be expected.
DataBreaches simply cannot understand what Russia has done by prosecuting Russian hackers and sentencing them as they have. Russian hackers always felt pretty safe as long as they stayed on Russian soil and didn’t attack any CIS targets. As far as DataBreaches knows, REvil was a pro-Russian group and didn’t cross any lines they shouldn’t cross politically. So why have they been prosecuted? What does Russia gain by this?
Will Russian hackers no longer feel as safe on Russian soil? And how might that impact the likelihood of Russian hackers attacking U.S. entities?