
# Ransomware gang goes offline, prompting questions


A hacker group said to be behind this month’s massive ransomware attack has disappeared from the “dark web”

A Russian-based hacker group blamed for a massive ransomware attack went offline Tuesday, sparking speculation about whether the move was the result of a government-led action.

The “dark web” page of the group known as REvil disappeared some two weeks after an attack which crippled networks of hundreds of companies worldwide and prompted a ransom demand of $70 million.

“REvil has seemingly vanished from the dark web, as its website has gone offline,” tweeted Allan Liska, a security researcher with the firm Recorded Future, who noted that the site had been unresponsive from around 0500 GMT.

The news comes after US President Joe Biden repeated a warning to his Russian counterpart Vladimir Putin about harboring cybercriminals while suggesting Washington could take action in the face of growing ransomware attacks.

Analysts in the past have suggested that the US military’s Cyber Command has the capability to strike back at hackers in the face of threats to national security, but there was no official word on any such action.

“The situation is still unfolding, but evidence suggests REvil has suffered a planned, concurrent takedown of their infrastructure, either by the operators themselves or via industry or law enforcement action,” John Hultquist of Mandiant Threat Intelligence said in an emailed statement.

“If this was a disruption operation of some kind, full details may never come to light.”

Brett Callow of the security firm Emsisoft also pointed to unanswered questions.

“Whether the outage is the result of action taken by law enforcement is unclear,” Callow said.

“If law enforcement has managed to disrupt the gang’s operations, that would obviously be a good thing, but could create problems for any companies whose data is currently encrypted. They’d not have the option of paying REvil for the key needed to decrypt their data.”

The unprecedented attack targeting the US software firm Kaseya affected an estimated 1,500 businesses.

The Kaseya attack, which was reported July 2, shut down a major Swedish supermarket chain and ricocheted around the world, impacting businesses in at least 17 countries, from pharmacies to gas stations, as well as dozens of New Zealand kindergartens.




© 2021 AFP

Citation:
Ransomware gang goes offline, prompting questions (2021, July 13)
retrieved 13 July 2021
from https://techxplore.com/news/2021-07-ransomware-gang-offline-prompting.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
