FBI seizes more than 39 BTC from wallet of Russian national linked to REvil

In August, the United States Federal Bureau of Investigation (FBI) seized about $2.3 million in cryptocurrency obtained from ransomware attacks by the REvil group (also known as Sodinokibi).

According to court documents, on 3 August 2021 the FBI seized 39.89138522 BTC from an Exodus cryptocurrency wallet. It is not disclosed how the agency gained access to it. It is known that it is “in custody and under the control” of the FBI’s Dallas Field Office.

The wallet contained the ransom paid to REvil, and it is linked to Russian national Alexander Sikirin, authorities say. Preliminary data place him in Saint Petersburg.

The publication Bleeping Computer notes that Sikirin may be a hacker known by the alias Lalartu. He was a well-known affiliate of the GandCrab and REvil groups.

In June, the FBI returned most of the bitcoin ransom paid to the DarkSide hackers after the attack on the Colonial Pipeline operator. At the time, it was not disclosed how the agency gained access to the wallet.

Blockstream CEO Adam Back noted that, more likely, the FBI simply requested access to the wallet from its provider or hosting company, and there was no hacking involved.

Against the backdrop of rising ransomware attacks, US authorities stated that they will combat the use of cryptocurrencies by ransomware operators, tracking the ransoms paid by victims.

In November, American authorities imposed sanctions against Russian national Yevgeny Polyanin and Ukrainian Yaroslav Vasinsky, accused of cooperating with the REvil group.

Vasinsky was arrested in Poland, and bitcoin worth $6.1 million was seized from him. Polyanin is wanted by the FBI.

Read ForkLog’s bitcoin news in our Telegram — cryptocurrency news, prices and analytics.