Two Ukrainian citizens  have been arrested by the United States Department of Justice for their involvement with the ransomware group REvil, which had been linked to targeting Apple and supplier Quanta Computer and others. They had threatened to make public schematics of the latest MacBook Pro models.

More specifically, the REvil ransomware gang asked Apple to "buy back" stolen product blueprints to avoid having them leaked on REvil's leak site before today's Apple Spring Loaded event. The extortion extended to releasing all personal data of employees and customers.

Late yesterday the U.S. Department of Justice sent out a press release on the arrest of Yaroslav Vasinskyi and Yevgeniy Polyanin in relation to their cyberattack on "multiple victims" including Kaseya.  

Attorney General Garland stated: "Cybercrime is a serious threat to our country: to our personal safety, to the health of our economy, and to our national security. Our message today is clear. The United States, together with our allies, will do everything in our power to identify the perpetrators of ransomware attacks, to bring them to justice, and to recover the funds they have stolen from their victims."

Deputy Attorney General Monaco stated: "Our message to ransomware criminals is clear: If you target victims here, we will target you. The Sodinokibi/REvil ransomware group attacks companies and critical infrastructures around the world, and today’s announcements showed how we will fight back.  In another success for the department’s recently launched Ransomware and Digital Extortion Task Force, criminals now know we will take away your profits, your ability to travel, and – ultimately – your freedom. Together with our partners at home and abroad, the Department will continue to dismantle ransomware groups and disrupt the cybercriminal ecosystem that allows ransomware to exist and to threaten all of us."

(Click on image to Enlarge)

FBI Director Christopher Wray stated: "The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin and seizure of $6.1 million of their assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, U.S. government and especially our private sector partners. The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil. Ransomware groups like them pose a serious, unacceptable threat to our safety and our economic well-being. We will continue to broadly target their actors and facilitators, their infrastructure, and their money, wherever in the world those might be."

Acting U.S. Attorney Chad E. Meacham for the Northern District of Texas stated: "Ransomware can cripple a business in a matter of minutes. These two defendants deployed some of the internet’s most virulent code, authored by REvil, to hijack victim computers. In a matter of months, the Justice Department identified the perpetrators, effected an arrest, and seized a significant sum of money. The Department will delve into the darkest corners of the internet and the furthest reaches of the globe to track down cyber criminals." For more on this, read the full press release here.