Ransomware gang sites disappear from Internet
A payment website and blog run by the REvil group has suddenly become unavailable. The reason for the disappearance is unknown, but has sparked speculation the group may have been targeted by authorities. The disappearance comes amid growing pressure between the US and Russia over cyber-crime.
Joe Biden said he raised the issue with Vlamidir Putin during a phone call on Friday, He told reporters he had made it very clear that we expect them to act" on information and hinted the US would retaliate directly to servers used for cyberattacks.
A prolific cyberattack operation
Despite speculation that either the US or Russian officials may have taken action against REvil, officials have so far declined to comment and cyber experts say sudden disappearances of groups are not necessarily uncommon.
The development comes after a series of high-profile ransomware attacks which have hit major US businesses this year.
The FBI accused REvil - also known as Sodinokibi - of being behind a ransomware attack on the world's largest meat processing company JBS last month.
The group also demanded a huge bitcoin ransom for an attack on IT firm Kaseya last week, as well as hundreds of other businesses around the globe.
A brief cybersecurity victory?
REvil has been one of the most prolific ransomware gangs and it is significant if it has indeed disappeared. Rumours abound with regards to the reasons behind this, but one hacker has claimed the US ‘feds took down’ elements of the gang’s website, so it decided to pull the plug on their operations. He added there was pressure from the Kremlin as well.
If this information proves to be accurate, it reveals a dramatic shift in policy from Russia which has been enabling gangs like REvil to operate without fear of intervention. However the hacker also hinted at another reality, saying he has no plans to retire, saying: ‘Make one go away, more will rise’.