"Ransomware Giant REvil’s Sites Disappear"
Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the most prominent groups mysteriously went dark. Researchers stated that all of REvil’s Dark Web sites slipped offline. It is unclear whether it’s due to the ransomware gang getting busted or whether the threat actors did it on purpose. The REvil ransomware operation, also known as Sodinokibi, uses both clear web and Dark Web sites to negotiate ransoms, leak data, support its backend infrastructure, and receive payment from its many victimized organizations. Their victim's list has recently grown with the addition of Kaseya and its many managed service provider (MSP) customers and the global meat supplier JBS Foods. One cybersecurity expert emphasized that REvil's sites being offline doesn’t mean that the notorious gang has been shut down.
Threatpost reports: "Ransomware Giant REvil’s Sites Disappear"