In the early hours of July 13, the dark-web sites of the hacker group REvil suddenly went offline, The New York Times reports.
Among the affected resources was Happy Blog, used to publish data about victims, as well as sites for discussing the ransom amount and accepting payments.
All REvil sites are down, including the payment sites and data leak site. 🤔
The public ransomware gang representative, Unknown, is strangely quiet.
— Lawrence Abrams (@LawrenceAbrams) July 13, 2021
Some experts believe that the sudden disappearance of REvil from the dark web is linked to a phone call between the U.S. and Russian presidents. In it, Joe Biden urged Vladimir Putin to curb ransomware attacks on American companies carried out from Russian territory. Biden later affirmed that the United States could disable the hackers' servers.
Beyond the possible shutdown of REvil’s sites by order of one of the presidents, experts do not rule out that the hackers could have shut down the servers themselves amid the deteriorating situation. In that case, the attackers could lie low for a while and later return under a different name.
No statements have been issued about a seizure of REvil's sites by court order. The U.S. Cyber Command declined to comment.
The shutdown of the sites will affect victim companies: without contact with the extortionists, they lose the ability to recover encrypted data. It is common for hackers to publish keys for decrypting files when operations cease. However, this has not happened yet.
As noted by experts, REvil, also known as Sodinokibi, is one of the largest hacker groups in the world. According to American intelligence, the criminals carried out at least 15 attacks per month. In 2020, the extortionists’ earnings exceeded $100 million.
In May, the world’s largest meat-processing company, JBS, was targeted by REvil. It paid a ransom of $11 million in bitcoin.
In early July, a ransomware attack on the American software developer Kaseya affected thousands of companies.
