Lavish life of FBI’s most wanted REvil affiliate in Russia

British journalists have located Yevgeniy Polyanin, a 28-year-old hacker wanted by the FBI for deploying the REvil/Sodinokibi ransomware.

The hacker was found to be living in a $380,000 house in Barnaul, a Russian city housing 610,000 residents in the Altai region, reports.

Journalists photographed the hacker driving his $74,000 Toyota Land Cruiser 200. A BMW worth over $100,000 was also seen in Polyanin’s garage next to his house.

REvil affiliates are suspected to be behind some of the most notorious recent ransomware attacks where threat actors penetrated meat supplier JBS and software company Kaseya.

Recently, US authorities added Polyanin to its wanted list, while the US Office of Foreign Assets Control (OFAC) added a company owned by Polyanin to the US sanctions list.

The US offers a reward of up to $10 million for information leading to the identification or location of Sodinokibi/REvil leadership. According to, the FBI offers a reward of up to $5 million for information leading to Polyanin’s arrest.

‘Individual entrepreneur’

Polyanin is said to be living in a luxurious house in Barnaul in the southern part of central Russia, closer to Kazachstan and Mongolia than Moscow.

Pictures taken from social media accounts belonging to people close to Polyanin show indicate the suspect is a fan Japanese manga series Naruto, a story of a ninja seeking recognition from his peers.

Neighbors and family of Polyanin were aware he was wanted by the FBI but were either not concerned about the allegation or denied their veracity altogether.

Officially, Polyanin is registered as an ‘individual entrepreneur’ working with computer software and IT development.

He is wanted by the FBI for alleged conspiracy to commit fraud and related activity in connection with computers, intentional damage to a protected computer, and conspiracy to commit money laundering.

Russia does not extradite its citizens to the US, which means that only a Russian court could charge Polyanin. Earlier this year, US president Joe Biden has discussed cyber-attacks with his Russian counterpart Vladimir Putin as many notorious ransomware groups reside in Russia.

Golden age

Cyberattacks are increasing in scale, sophistication, and scope. The last 12 months were ripe with major high-profile cyberattacks, such as the SolarWinds hack, attacks against the Colonial Pipeline, meat processing company JBS, and software firm Kaseya.

Pundits talk of a ransomware gold rush, with the number of attacks increasing over 90% in the first half of 2021 alone.

The prevalence of ransomware has forced governments to take multilateral action against the threat. It’s likely a combined effort allowed to push the infamous REvil and BlackMatter cartels offline and arrest the Cl0p ransomware cartel members.

Gangs, however, either rebrand or form new groups. Most recently, LockBit 2.0 was the most active ransomware group with a whopping list of 203 victims in Q3 of 2021 alone.

An average data breach costs victims $4.24 million per incident, the highest in the 17 years. For example, the average cost stood at $3.86 million per incident last year, putting recent results at a 10% increase.