In a shocking twist, the Russian authorities has introduced the arrest of a number of members of REvil—the outstanding ransomware gang behind quite a few large-scale assaults on U.S. targets.

The Federal Security Service (FSB), Russia’s home intelligence company, mentioned in a press release Friday that it had not too long ago carried out raids at 25 residences throughout Moscow, Leningrad, Lipetsk, and St. Petersburg, the place 14 members of the cybercriminal gang had been arrested. During the raids, authorities seized greater than 426 million rubles, $600,000, and €500,000, together with 20 luxurious autos and hordes of pc tools.

While the identities of the hackers haven’t been made public at the moment, video offered by the FSB reveals officers chasing and handcuffing numerous people, whereas additionally rifling by means of flats. The Russian authorities additional famous that it had apprehended the criminals on the behest of the United States. The FSB press release reads (translated from Russian by way of Google):

“The search activities were based on the appeal of the US competent authorities, who reported on the leader of the criminal community and his involvement in encroaching on the information resources of foreign high-tech companies by introducing malicious software, encrypting information and extorting money for its decryption…”

REvil has been excessive on America’s shit-list ever because it carried out the large Kaseya ransomware assault final summer time. The assault used malicious software program updates within the tech agency’s well-liked IT merchandise to contaminate upwards of 1,500 completely different firms worldwide—together with many within the U.S. The incident spurred emergency action by the White House, a $10 million reward for info resulting in the gang’s arrest, and calls for a greater federal technique to fight cybercrime.

But the gang has additionally allegedly been concerned in assaults on {hardware} producer Acer, celeb regulation agency Grubman Shire Meiselas & Sacks (they reportedly leaked 2.4 gigabytes of Lady Gaga’s authorized paperwork), and Quanta, a outstanding pc components provider that works for Apple, amongst different large names. It additionally carried out a disruptive ransomware assault on meat-processing large JBS Foods last May, quickly forcing the corporate to close down a variety of its meals manufacturing websites. All in all, they’ve brought about numerous harm.

U.S. authorities have been calling on Russia to crack down on cybercriminal gangs working inside the nation’s borders for fairly a while. A collection of conferences between Russian President Vladimir Putin and U.S. President Joe Biden final 12 months confirmed the 2 leaders agreeing that extra must be accomplished to cease ransomware assaults—although Russia hasn’t actually accomplished something till simply now.

Still, it’s a probably promising improvement. If Russia is amenable to arresting this gang, that may sign a extra compliant angle relating to going after the quite a few other cybercriminal syndicates working out of its territories.

Some commentators have famous the odd timing of the FSB’s operation, nonetheless. The U.S. and Russia are presently experiencing extreme tensions over the political state of affairs in Ukraine—the place some U.S. commentators have alleged that Russia is getting ready for a army invasion. As such, the likelihood that Russia has arrested REvil as a sort of bargaining tactic with the U.S. appears believable to some. “I think being concerned about Russia’s ulterior motives is perfectly reasonable,” John Hultquist, vice chairman of menace intelligence at cyber agency Mandiant, not too long ago told WIRED.

Ukraine additionally not too long ago suffered a cyberattack that defaced authorities web sites, although there was no official attribution as to who’s accountable.