January 25, 2022

The high-profile arrests of cybercriminals have sent shockwaves among dark web criminals, fearing the worst as law enforcement agencies seem to close in on them.  

On January 14, Russia’s Federal Security Service (FSB) arrested and detained members of the REvil ransomware gang operating from within the country and dismantled their operations. Another string of arrests was made by Europol, leading to the detention of a suspected REvil affiliate in the Polish and Ukrainian border.

An analysis of conversations on Dark Web forums by cybersecurity researchers at Trustwave SpiderLabs reveal that the recent arrests, especially those made in Russia, have scared cyber criminals, with many worrying that they might be next. 

Some worry that administrators of the dark web communities who have details on their users could be coerced into partnering with law enforcement after their arrest. 

Many forum members and ransomware affiliates are also contemplating on moving operations to another location, although this is an unrealistic option for most. 

“Those that are seasoned in cybercrime understand that by moving outside of Russia, they’ll be taking on an even greater risk of being arrested by international law enforcement agencies. These agencies that are keeping tabs on cyber criminals will be watching for such potential moves,” said Ziv Mador, VP security research at Trustwave SpiderLabs. “Also, there is a large talent pool in Russia already, so more members and affiliates can always be recruited. Recruiting can become more difficult in other geographies. There is a level of trust that is required, and that trust diminishes the further away a prospective member is from ‘home base’,” he added. 

For more information, read the original story in ZDNet.