REvil ransomware group sites go dark following string of attacks

The Russian-speaking REvil ransomware gang has seen its sites go dark, a few days after it claimed responsibility for the massive cyberattack on US IT provider Kaseya.

According to Cyberscoop, the reason behind the sites going dark is not yet known. REvil has been widely regarded as the prime suspect in hacks against food processing giant JBS Foods, US nuclear weapons contractor Sol Oriens and Brazilian healthcare firm Grupo Fleury.

However, the group’s biggest scalp came off the back of Kaseya – after its attack impacted the systems of over 1,000 businesses – making it one of the biggest cyberattacks in history.

REvil’s dark web site, where it usually posts victim data and which is home to a payment site, went down suddenly, while one site stopped responding to domain name system requests.

Cyberscoop highlighted that while the cause of the outages wasn’t immediately clear, many ransomware groups regularly shutter their operations, evolve into different techniques and update their tradecraft after profitable periods.

Recent research by IBM estimated that the REvil group was able to rake in around $123m in 2020 alone.

The G7 recently called on Russia to take stronger action on ransomware attacks and cybercrime that have occurred within its borders.

Copyright © 2021 RegTech Analyst
