Fact Check: "REvil hackers released after just five years for payment card fraud."
What We Know
The claim regarding the release of REvil hackers is based on the recent legal outcomes for several members of the REvil ransomware group. According to reports, four members of the REvil group were arrested in January 2022 and subsequently sentenced to five years in prison for their involvement in carding and malware distribution activities. They were released after serving time in a Russian detention center, as the court deemed that they had already served their sentences during the investigation and trial process (BleepingComputer, CyberScoop).
The REvil group, known for its ransomware operations, was particularly notorious for its cybercrimes, which included stealing payment card information and distributing malware. Their activities reportedly spanned from October 2015 to January 2022 (BleepingComputer).
Analysis
The evidence surrounding the claim is mixed but leans towards accuracy. The four individuals, identified as Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotayev, were indeed released after pleading guilty to charges related to carding and malware distribution (BleepingComputer, CyberScoop). The Russian legal system allowed for their early release based on the time they had already spent in custody, which is a common practice in many legal systems, including Russia's.
However, the broader context of the REvil group's activities and the legal proceedings against its members is complex. While the four members were released after serving time for specific charges, other members of the REvil group remain in custody and face different legal outcomes, indicating that not all members were treated the same way (BleepingComputer, CyberScoop).
The reliability of the sources is generally strong, as they are established cybersecurity news outlets that report on legal and criminal activities related to cybercrime. However, it is essential to note that Russian legal proceedings can be opaque, and the motivations behind the release of these individuals may not be fully transparent.
Conclusion
The claim that "REvil hackers were released after just five years for payment card fraud" is Partially True. While it accurately reflects the release of specific members of the REvil group after serving their sentences, it simplifies the complexity of the situation. The release pertains to only a subset of the group, and the circumstances surrounding their release involve legal nuances that are not fully captured in the claim.
