REvil ransomware gang taken offline by multinational effort
US government is reportedly now going after the operators behind REvil
In a welcome move, sources have confirmed that the recent troubles plaguing the notorious REvil ransomware operator are the result of a concerted effort by various cybersecurity agencies.
Reuters credits REvil’s latest disappearance to the US based on insights shared by three private sector cyber experts working with US security agencies and one former official.
VMware’s head of cybersecurity strategy Tom Kellermann, an advisor to the US Secret Service on cybercrime investigations, noted that REvil was a high priority target for the law enforcement and intelligence agencies.
“The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries, have truly engaged in significant disruptive actions against these groups,” Kellermann told Reuters.
Done and dusted
Earlier this week, REvil was forced to take down its online infrastructure, hosted on the dark web, in response to an unidentified party hijacking the gang’s domains.
The news of the hijack was shared by the gang’s official representative known as “0_neday,” who reportedly was instrumental in restarting the group’s operations after a similar shutdown earlier this year.
“The server was compromised, and they were looking for me,” 0_neday wrote on a cybercrime forum.
REvil has been behind some of the most extravagant ransomware operations of late including the one against managed service providers (MSP) by exploiting a vulnerability in the Kaseya VSA remote management software to infect thousands of computers around the world.
Action against Russia-based threat actors, including REvil, featured prominently in the US-Russian Presidential talks in Geneva earlier this year.
US President Joe Biden has assured that cybersecurity is one of the top priorities for his administration. While his administration has announced several steps and measures to strengthen the cybersecurity posture, REvil’s take down is perhaps one of the boldest displays of its intent in its fight against ransomware.
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.