Accused of droppery deny their involvement in the REvil hacker group


Reaction score
Those accused of illegal circulation of payment funds deny their involvement in the REvil hacker group. The defendants were charged with unauthorized copying of information from the databases of the American company HOSTKEY. This was reported to the RAPSI correspondent by lawyer Alexander Kanishchev.

Don't understand the charge

The case of the REvil hacker group is being considered by the St. Petersburg Garrison Military Court.

"The defendants in the REvil case have nothing to do with the REvil hacker group. And in fact, they are charged only with unauthorized copying of information from the HOSTKEY company located in the United States," the lawyer said.

He explained that after the prosecutor read out the indictment, the defendants were unable to answer the judge's questions about their attitude to the prosecution.

"After listening to the prosecutor, the defendants could not express their attitude to the accusation, because they did not understand it. They say that they do not understand the essence of the charges, and therefore they are deprived of the opportunity to give any evidence on the merits, including in terms of admitting or denying guilt. That is, they did not understand what exactly they had violated," the lawyer said.

According to Kanishchev, the defendants are charged with Article 187 of the Criminal Code of the Russian Federation, that is, the acquisition, storage for the purpose of using electronic means intended for the illegal issuance or transfer of funds, committed by an organized group.

At the same time, the lawyer explained that this norm is a blank one, and the crime is two-object, that is, in order to commit a crime under Article 187 of the Criminal Code of the Russian Federation, a citizen must violate some norms of the legislation regulating banking activities and cause damage to a citizen of the Russian Federation or the Russian Federation.

"According to the case materials, no damage was caused to citizens from the activities of the defendants, and the interests of society and our state were not affected. Nor has it been established that the defendants 'actions caused damage to foreign citizens or foreign states," Kanishchev explained, adding that, for example, the investigation and prosecution are not aware of banks that own bank cards, the use of which is imputed to the defendants, and the defense's request to establish banks was rejected by the investigation during the preliminary investigation.

On a tip from the United States

In the dock are senior reserve warrant officer Artem Zayets, Alexey Malozemov, Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, Dmitry Korotaev, Daniil Puzyrevsky and Ruslan Khansvyarov. All of them are accused of droppery — illegal circulation of payment funds (part 2 of Article 187 of the Criminal Code), and Puzyrevsky and Khansvyarov-of creating, using and distributing malicious computer programs (part 2 of Article 273 of the Criminal Code). All of them have been under arrest since January 2022.

As follows from the case file, hackers of the REvil group used malware to encrypt data of commercial companies, blocking access to corporate servers, and extorted money for unblocking and decryption. Hackers attacked mainly Western companies. Among the victims of REvil were, according to the investigation, the company Quanta Computer (one of the key partners of Apple), as well as JBS Foods, Acer and others.

As reported by the Center for Public Relations (DSP) of the FSB of Russia, the activities of the REvil group became known from the appeal of US law enforcement agencies, who reported on the leader of an organized criminal community and his involvement in encroachments on the information resources of foreign high-tech companies.

Initially, 14 people were detained in the REvil case, but 8 accused were brought to trial.

"During the searches, 426 million rubles were seized, including in cryptocurrency, 600 thousand US dollars, 500 thousand euros, as well as computer equipment, crypto wallets used to commit crimes, 20 premium-class cars purchased with money obtained by criminal means," the DSP reported.


In St. Petersburg, the trial of a criminal case against alleged members of the hacker group REvil (Ransomware Evil or Sodinokibi) has begun. There were eight people in the dock, including a reserve soldier. All the defendants are charged with illegal turnover of payment funds (Article 187 of the Criminal Code), and two more are also charged with creating and distributing malicious computer programs (Article 273 of the Criminal Code).

Earlier, the court of first instance found in the investigation materials a violation of the principle of jurisdiction and returned the case to the Prosecutor General's Office of the Russian Federation, as described in detail by Kommersant. Later, the supervisory authority managed to successfully challenge this decision. Today, on November 21, the first substantive hearing was held in the St. Petersburg Garrison Military Court.

REvil became widely known after it launched attacks on foreign high-tech companies to extort funds under the threat of decrypting confidential information. However, none of the defendants admitted their connection with the group, as well as their involvement in the incriminated crimes. It should be noted that all the defendants have been in jail for almost two years. All this time, their defenders have been trying to get the court to replace the preventive measure with a non-custodial one, but each time without success.

The defense's position, as before, is based on the fact that the case has not yet identified specific victims, and those data that, according to the prosecution, indicate victims of cybercriminals belong to foreigners, mostly US citizens. In a conversation with Kommersant, the defendants 'lawyers noted that the investigation had not even managed to establish the issuing banks where the victims accounts could have been opened.

In 2021, the Ministry of Internal Affairs of the Russian Federation opened a criminal case on illegal turnover of payment funds. Then operatives conducted large-scale searches in several cities of Russia. The FSB also reported on the "liquidation of the REvil organized criminal hacker community" and the seizure of large sums in rubles, dollars, euros, cryptocurrency, as well as 20 premium cars from the defendants. Information about the group in Russia came from the American special services.
