REvil Ransomware Gang Web Sites Mysteriously Shut Down

REvil Ransomware gang infrastructure and websites mysteriously went offline last night.

The ransomware gang has been out of action since 0100 US Eastern Time. The Russian-based gang’s portals and infrastructure, which are used to negotiate and collect ransoms, have just vanished.

AI Smith, from the Tor Project, said, “In simple terms, this error generally means that the onion site is offline or disabled. To know for sure, you’d need to contact the onion site administrator.”

Sean Gallagher, a Sophos senior threat researcher, told internet media, “It could be that the server hardware failed, or that it was intentionally taken down, or that someone attacked their host. At this time, there’s nothing claiming that law enforcement is responsible. The public internet ransom site was also down last week.”

The MalwareHunterTeam in a tweet revealed, “REvil’s clear web payment site decoder[.]re was already down 8-9 hours ago, with not only the server down, or no A record, no DNS response at all…”

REvil has been behind a number of extortion infections, the latest being the Kaseya IT Management software exploitation, which affected nearly 1,500 businesses around the world.

LockBit researchers, in a post on the XSS Russian-speaking hacking forum, said the REvil gang erased its servers after learning of government summons.

There are a bunch of other ransomware gangs out there, and ransomware is a huge money-making scheme. These gangs earn millions in ransom money from organizations willing to pay it. It looks like no matter how hard law enforcement goes after the ransomware gangs, they will not give up voluntarily.
