Blog

Hackers Behind REvil Ransomware Are Back Online

Sep 22, 2021 | Blog

Not long after successfully attacking Kaseya the band of cyber criminals behind the REvil ransomware strain went dark. Their “Happy Blog” mysteriously went offline.

It is not known if the group went into hiding as a safety precaution after their attack drew worldwide condemnation. It could have been as a result of action by law enforcement agencies. The truth is not currently known.

Many credit Presidents Biden and Putin because the group went silent not long after the two leaders spoke. Biden pressed the Russian leader about ransomware attacks that originated from Russian soil.

Kaseya is a global IT solutions company based in Ireland. The REvil attack impacted thousands of end users in more than a thousand small to medium-sized companies that Kaseya serves. Whatever drove the hacking group offline temporarily the pressure seems to have faded. The group has returned. Security researchers from both Emsisoft and Recorded Future have confirmed that most of the gang’s infrastructure is back in operation.

Ransomware expert Allan Liska had this to say about the group:

“Things definitely got hot for them for a while, so they needed to let law enforcement cool down. The problem (for them) is, if this is really the same group, using the same infrastructure, they didn’t really buy themselves any distance from law enforcement or researchers, which is going to put them right back in the crosshairs of literally every law enforcement group in the world (except Russia’s).

I’ll also add that I’ve checked all of the usual code repositories, like VirusTotal and Malware Bazaar, and I have not seen any new samples posted yet. So, if they have launched any new ransomware attacks, there haven’t been many of them.”

BlackFog’s CEO Darren Williams added that he’s not surprised that the group resurfaced. REvil is one of the most successful ransomware variants of 2021. With so much demand from hackers around the world it would have been virtually impossible for the group to remain hidden and offline.

REvil is back and it is just a matter of time before REvil attacks begin anew.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech