The rampant hacker group REvil – known for using ransomware to blackmail businesses for millions and sell data on the dark web if they don’t get their way – fell silent after what it appears to be a fine.
According to reports (via Tech crunch), the Tor payment portal and the group’s data leak blog were hijacked, crippling the group and becoming platformless.
A recent post by a REvil-affiliated threat actor, 0_neday, states that the attack not only destroyed Happy Blog, but also deleted the path to the Tor service’s configuration files and replaced it with a malicious one to catch the villains.
REvil had been fueled by the US government for some time prior to the blackout because of their misconduct. Not so long ago the group did targeted Acer, is trying to extort about $ 100 million from the company, and the victim group’s backlog doesn’t stop there.
Apple supplier Quanta Computer and thousands of companies using Kaseya IT management solutions have also been affected by REvil’s misconduct.
It’s not clear who carried out the attack on the group – whether it was a revenge hack or a preventive shutdown by the government itself. At this point we can only speculate, but a report from The Washington Post reveals that the government had managed to obtain a key that the group could have locked as early as September. However, they decided to wait for some reason only to find that the Happy blog went offline of its own accord.
However, it only took a while before the group reappeared. So maybe the government decided to do a takedown after all. Beeping computer says other whispers suggest a mutiny is underway, with a former group member who did not join the resurrection possibly orchestrating a takeover.
Either way, it is a win for the tech industry and the cyber-conscious. Let’s hope that’s the last we see of them. And as always, let this be a warning to keep your cybersecurity knowledge up to date. Hackers are all around us and they often don’t give up.
#Notorious #REvil #hackers #payment #portal #data #leak #blog #hacked