Ransomware Gang REvil Is Cancelled
A number of websites for a Russian-linked ransomware gang that has been accused of attacks on hundreds of businesses worldwide have now gone offline. The cyber crime group has collected tens of millions of dollars in ransom payments in return for restoring computer systems it has hacked.
A payment website and REvil's group blog no longer work, and this may be a result of the group being focused upon by various Russian government authorities. This coincides with growing pressure by the US on Russia over cyber crime.
Ransomware sites can be unreliable, and it was unclear whether the site's disappearance was a momentary fluke or whether the hackers had downed tools or been removed from the internet by someone else. Both the group's payment portal and its blog, which named and shamed their victims who refused to pay the ransoms they demanded, were unreachable.
US President Joe Biden said he raised the issue with Vladimir Putin during a phone call after discussing the subject during a summit with the Russian president in Geneva last month. Mr Biden told reporters that he had spoken with President Putin and "made it very clear to him...we expect them to act" on information before the US would potentially attack the operators.
The news comes just days after White House press secretary Jen Psaki made it clear during a news conference that the US would take action against the groups if Russia did not.
The timing has sparked speculation that either US or Russian officials may have taken action against REvil, although officials have so far declined to comment and cyber experts say sudden disappearances of groups are not necessarily uncommon.
The development comes after a series of high-profile ransomware attacks which have hit major US businesses this year, for which the FBI holds REvil - also known as Sodinokibi - responsible.
The group is considered prolific and recently targeted IT firm Kaseya and hundreds more businesses worldwide. It is not clear what led to the websites of the ransomware-as-a-service group going down. Visitors to the sites, which had recently been active, were greeted with messages saying, “A server with the specified hostname could not be found.”
Sources: Reuters, BBC, CNBC, Yahoo, NDTV