Ransomware group REvil’s websites vanish but reason unclear

Share
Russia-based hacker group, REvil, is mysteriously offline just days after President Biden urged Russian leader Vladimir Putin to take action

Websites run by the ransomware gang REvil have become unreachable sparking widespread speculation that the group had been knocked offline.

The news comes after US President Joe Biden has repeated a warning to Vladimir Putin last week about harboring cybercriminals while suggesting Washington could take action in the face of growing ransomware attacks. Biden told reporters that he had "made it very clear to him...we expect them to act" on information.

It is unclear whether the site’s disappearance is the hackers taking it down or if it has been removed from the internet by someone else. Both the group’s payment portal and its blog, which named and shamed their victims who refused to pay the ransoms they demanded, are unreachable. Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat.
 

REvil attacks

 

In May, REvil hacked major meat supplier JBS, encrypting its computers and convincing the company to pay $11 million in exchange for a promise to not leak its files to an extortion blog it kept on the dark web. Over the Fourth of July weekend, the group hacked the software company Kaseya, using its connectivity to the larger internet ecosystem to infect more than 1,500 organisations around the world.

In recent months, REvil also claimed hacks of renewable energy supplier Invenergy, PC maker Acer and Apple supplier Quanta Computer. According to data from cybersecurity firm  Check Point, it saw 15 attacks carried out by REvil per week over the last two months.

CheckPoint spokesman Ekram Ahmed explained that given the attention it has generated, REvil may have voluntarily chosen to lay low for a while, Ahmed added. "We recommend not jumping to any immediate conclusions as it's early, but REvil is, indeed, one of the most ruthless and creative ransomware gangs we've ever seen."

 

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security