REvil Ransomware Group Members Released After Guilty Pleas

Four members of the REvil ransomware group have been released from custody despite pleading guilty to fraud and malware distribution charges. The Dzerzhinsky Court of St. Petersburg allowed Roman Muromsky, Andrei Bessonov, Mikhail Golovachuk, and Dmitry Korotaev to walk free after sentencing them to five years in prison on Monday. The court ruled that the gang members had spent sufficient time in a Russian detention center while awaiting trial.

The case is unrelated to the prolific and high-profile ransomware attacks that the REvil group was noted for before it was shut down in 2021. The four REvil members were among several arrests made by Russian authorities in January 2022 after the US government warned that it would take its own action against Russian ransomware groups if the Kremlin failed to do so.

According to Russian state-owned news agency TASS, Muromsky, Bessonov, Golovachuk, and Korotaev confirmed their involvement in REvil activities between October 2015 and January 2022, primarily targeting US citizens. Their operations included “carding,” a form of fraud and laundering that involves using stolen credit card information to purchase prepaid gift cards.

The court also ordered Bessonov to surrender two 2020 BMWs and a 2019 Mercedes-Benz C200. Additionally, more than $1 million (in rubles and US dollars) is to be seized from Korotaev. Notably, the sentencing did not include any fines.

A total of 14 REvil members were arrested in January 2022, four of whom — Daniil Puzyrevsky, Artem Zayets, Alexey Malozemov, and Ruslan Khansvyarov — received prison sentences of up to six and a half years in October. It is currently believed that none of them have been, or will be, extradited to the US.