Over the past few years, the US has been subjected to many ransomware attacks. These incidents have resulted in the loss of millions of dollars. The government is trying to tackle the problem, but the attacks don’t seem to stop.

Surprisingly, most of them have been traced back to Russian hackers. The most recent ransomware attack took place in July 2021. Even this incident has been blamed on a Russian group.

Here is everything that you need to know about Russian ransomware hackers.

How Do The Ransomware Attacks Work?

All the hackers that have been alleged or claimed responsibility works on a ransomware business model. They encrypt the user data using their algorithms and prevent access to it. To regain access, you will have to pay them a hefty sum.

Once receiving the money, they give you the key for decryption. However, this is not the case every time. On many occasions, the hackers go off-grid without providing the key.

Russian Ransomware Hackers

Since the past few years, many different groups have surfaced. Some of them have claimed responsibility for many incidents. Meanwhile, others remain alleged with concrete evidence.

Here are some of the Russian Hackers that authorities have identified:


This hacking group is also famous by the name of Sodinokibi. It has taken responsibility for hacking incidents many times. In June, the FBI blamed them for the attack on JBS.

The company is the largest meat processor in the world. It is reported that REvil extorted $11 million. Besides that, the attack wiped out 20% of the US’s beef production.

In July, another attack occurred that affected about 200 firms in the US. Authorities have yet again alleged REvil for this incident. That is because the ransom demand was posted on a blog they use.


This is another famous hacker group that uses ransomware attacks to extort money. Their most recent strike took place in May when they attacked Colonial Pipeline. As a result, the country suffered from a gas shortage.

The government paid $4.4 million as ransom. However, $2.3 million have been recovered.

Unit 26165

This unit of Russian spies manipulated the 2016 election, which led to Trump coming into power. The discovery was made in 2018 after an investigation, and many members of the unit were indicted. Since then, they have been surfacing in the news often.

Last year, they were called out for hacking into Linux systems. And this year, in July, both US and British officials disclosed their misuse of VPNs.

Final Words

Those were all the facts you needed to know about the Russian ransomware hackers. Many cyber-attacks on US-based companies have either been conducted by hackers with ties to Russia or originated directly from the country.

President Biden has even warned Putin and vowed to retaliate in case of other future attacks. The Russian government, of course, denies involvement in the hacking events. But only time will whether they played a role in harming the US businesses or not.