More than half a million euros were stolen in ransom payments by the two men, the statement added.
Another five men have been arrested since February, three suspected of having used REvil and two others of using GandCrab, a precursor of REvil, in ransomware attacks.
Seventeen countries have been involved in the operation, known as GoldDust. The countries involved are: Australia, Belgium, Canada, France, Germany, the Netherlands, Luxembourg, Norway, the Philippines, Poland, Romania, South Korea, Sweden, Switzerland, Kuwait, the UK and the US.
"In the beginning of October, a Sodinokibi/REvil affiliate was arrested at the Polish border after an international arrest warrant was issued by the US," the Europol statement said.
"The Ukrainian national is suspected of perpetrating the Kaseya attack, which affected up to 1500 downstream businesses and for which Sodinokibi/REvil asked a ransom of about €70 million.
"Additionally, in February, April and October 2021 authorities in South Korea arrested three affiliates involved in the GandCrab and Sodinokibi/REvil ransomware families, which had more than 1500 victims.
"On 4 November, Kuwaiti authorities arrested another GandGrab affiliate, meaning a total of seven suspects linked to the two ransomware families have been arrested since February 2021. They are suspected of attacking about 7000 victims in total."
Last month, two ransomware operators were arrested in Ukraine.
Europol said at the time the two were suspected of a number of attacks against big European and North American targets from April 2020 onwards.