Revil, accused of a massive attack with a blackmail malware, has apparently disappeared and the group’s pages are no longer online.
Over a group of hackers accused of attacking a thousand companies has apparently disappeared from the lines. Experts suspect the Russian-speaking Revil group, which has numerous blackmail strikes, is responsible for the attack.
Revil’s site on the dark web, the dark web, had disappeared about two weeks after the attack.
Allan Liska, a representative of the US cyber security company Recorded Future, spoke about the matter On Twitter. According to him, Revil’s websites had been upside down in Finnish time since Tuesday morning.
President of the United States Joe Biden had repeated only last week to the President of Russia To Vladimir Putin warnings regarding the protection of cybercriminals. He suggested that the United States could take action as the number of attacks on blackmail malware increased.
Analysts have previously estimated that USCYBERCOM, under the U.S. Department of Defense, would have a crackdown on hackers if national security were threatened.
However, there has been no official information on such an action.
Security company Emsisoftin Brett Callowin according to him, the possible intervention of law enforcement could cause problems for the companies affected.
“If law enforcement has managed to suspend the group’s operations, that would clearly be a good thing,” Callow says.
However, this could cause problems for those companies from which the data exported has been encrypted by a hacker group.
“They would not be able to pay Revil for the key required to decrypt the data.”
However, he stressed that it is not yet clear whether the disappearance of Revil’s sites is the result of government action.
Representative of the Center for Strategic and International Studies in Washington James Lewisin According to the site, there may be several reasons for the closure. This may be due, for example, to pressure from the Russian authorities.
Lewis, in his own words, does not believe the United States was behind the lockout.
Liska pointed out that there has been no change of ownership of the site and that taking over the site would therefore not be an extremely likely scenario. According to him, this could instead indicate that the group has itself pulled its site from the dark web. Certainly, however, he thinks it is too early to assess.
Extensive a cyber attack was reported in early July. The attack came from Kaseya, a Miami-based company that provides IT services to about 40,000 companies.
The strike paralyzed, among other things, the Swedish Coop supermarket chain. The chain had to close almost all of its 800 stores in the aftermath of the attack when its checkout system ceased to function. Coop was not a direct customer of Kaseya, but its IT subcontractor Visma Esscom was hit.
Read more: Cybercriminals who have hit more than a thousand companies demand a ransom of $ 70 million, including the Finnish Tieto-Evry
The hacking group demanded a $ 70 million ransom after the attack on data it had stolen through its blackmail malware.
The cyber security company ESET said it had secured the attacked companies from at least 17 countries after the attack. In addition to Sweden, destinations have been found in South Africa, Britain, Mexico and New Zealand, among others.
According to the news agency AFP, an estimated 1,500 companies were attacked.