Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Ransomware Gang REvil Vanishes From Web After Biden Warning (bloomberg.com) 71

The Russia-linked ransomware gang REvil has seemingly vanished from the dark web, where it maintains several pages documenting its activities including one called the "happy blog." From a report: It's not yet known if the sites were down temporarily or if the group -- or law enforcement -- took its websites offline. "It's too early too tell, but I've never seen ALL of their infrastructure offline like this," said Allan Liska, senior threat analyst at cybersecurity firm Recorded Future, in a text message. "I can't find any of their infrastructure online. Their extortion page is gone, all of their payment portals are offline, as is their chat function." Liska said the websites went offline around 1 a.m. Eastern time. The sudden outage comes just days after President Joe Biden said he pressed Russian President Vladimir Putin to act against hackers in his country blamed for recent ransomware attacks.
This discussion has been archived. No new comments can be posted.

Ransomware Gang REvil Vanishes From Web After Biden Warning

Comments Filter:
  • by Anonymous Coward

    Why do you keep posting links to PAYWALLED stories? Post the text in the summery or find a better source.

    • Because most people who read here are bright enough to bypass a paywall. Since I'm in a good mood today here is an archived mirror https://archive.is/aU5zN [archive.is]

      • Of bypassing a paywall to read an article on a ransomware gang?

        • I don't like paywalled articles either, but stop with the faux-outrage that someone else wants to charge you for looking at THEIR content and equating it to someone trying to charge you to get back YOUR content. They're the same thing to the degree that consensual sex and rape are the same thing. Eg, they're not.

      • by Anonymous Coward

        No bypassing necessary. Opened fine in a Private Window.

        The Russia-linked ransomware gang REvil has seemingly vanished from the dark web, where it maintains several pages documenting its activities including one called the “happy blog.”

        It’s not yet known if the sites were down temporarily or if the group -- or law enforcement -- took its websites offline.

        “It’s too early too tell, but I’ve never seen ALL of their infrastructure offline like this,” said Allan Liska, s

    • I went to the paywall site with FF and managed to read everything just fine. Not trying to be a dick, just sayin'.
    • by fermion ( 181285 )
      Walmart holds be ransom until I agree to pay for the stuff I want. It not like I can just leave the basket and walk out.
    • by Anonymous Coward
      Why are you too stupid or lazy to clear your cookies (or just Bloomberg's cookie)?
  • I can't find any of their infrastructure online. Their extortion page is gone, all of their payment portals are offline, as is their chat function.

    Did they try the same addresses, but with a "1" on the end? :-)

  • Rename successful.
    Contiuing operation ...

  • They didn't want that free waterboard vacation at a secret Club Fed?

  • by dysmal ( 3361085 ) on Tuesday July 13, 2021 @01:00PM (#61578767)

    Am I the only one worried that if Putin had them shut down, he's got a lot more power than we thought?

    This could also be his way of showing the world that he does in fact have a lot of power. How many other world leaders can make a major malware gang shut down?

    • by 93 Escort Wagon ( 326346 ) on Tuesday July 13, 2021 @01:02PM (#61578783)

      It think much of the world already assumes Putin has some level of control over these gangs.

      • Putin's popularity was built entirely on getting Russian Organized crime under control. Putin's KGB (technically ex, but that's splitting hairs). You think he just dismantled those organizations? Of course he repurposed them.
        • Like how a bunch of Ganges and Mobs, have fell in line under one leader.

          How do stop criminals... You make them your deputy.

          • In the 30s the fascist government i Italy cracked down hard on the Mafia in Sicily which made many of them emigrate to the US. In 1944 allied forces landed in Sicily and drove the Axis fascists, moving on to Italy. Since the military had little time and resources to govern the place they basically turned a blind eye to let the Mafia take over again and keep order.

            They did not intentionally deputize them, but it came down to the same thing.

    • by MightyMartian ( 840721 ) on Tuesday July 13, 2021 @01:03PM (#61578791) Journal

      Isn't as likely an explanation is that these were state actors working for the Russian government, so shutting them down as simple as him ordering their operations shuttered?

      • Isn't as likely an explanation is that these were state actors working for the Russian government, so shutting them down as simple as him ordering [them to be executed for getting caught]?

        Fixed. You're welcome.

      • by algaeman ( 600564 ) on Tuesday July 13, 2021 @01:24PM (#61578879)
        Or, management (whether that is government or not) told them to change all their domain names and control servers. This seems like a simple business decision when the alternative is having your entire operation compromised, or causing an international incident.
        • I suppose anything is possible with these shadowy groups. One thing is certain, the three letter agencies and their counterparts in the Five Eyes at least publicly think a good many of these ransomware outfits are based in Eastern Europe and are effectively part of Russia's cyberwarfare capability. I have no way to verify this, but Biden has made it pretty clear to Putin that he at least holds Russia responsible for some of the recent hacks. My assumption is that most nations have some groups, either tightl

      • Isn't as likely an explanation is that these were state actors working for the Russian government

        The Russian government is not going to be operating a group dedicated to blackmailing western organizations. There is too little money and too many potential problems that this could cause. These guys are just opportunistic scammers looking for a quick buck. The Russian government is probably laughing at the west not being able to manage the scammers. It does not hurt them. Or at least, it didn't with Trump in power.

        I am not implying that Russia is not actively attempting to infiltrate western compu

    • by quantaman ( 517394 ) on Tuesday July 13, 2021 @01:13PM (#61578835)

      Am I the only one worried that if Putin had them shut down, he's got a lot more power than we thought?

      This could also be his way of showing the world that he does in fact have a lot of power. How many other world leaders can make a major malware gang shut down?

      Not really. It was generally assumed that the ransomware gangs were operating with the unspoken consent of the Russian government, possibly with links to Russian intelligence (who would certainly be interested in some of the info they retrieved). That's the whole reason why they did things like ignore systems using Russian [slashdot.org].

      Therefore, it's probably pretty easy for Putin to shut them down.

      Now I doubt he's actually thrown them in jail (looks bad to have them complaining to the media that the Russian government double crossed them), but he may have told them to find different careers, or at least re-incorporate under a different name.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      How many other world leaders can make a major malware gang shut down?

      Xi Jinping
      Kim Jong-un
      Bashar al-Assad

    • How many other leaders of large nations are gangsters?
    • Regardless of Putin, I would not like being targeted by law enforcement from multiple countries personally. If these guys are as smart as they think they are, disappearing and removing all traces is probably a good idea.
    • Am I the only one worried that if Putin had them shut down, he's got a lot more power than we thought?

      This could also be his way of showing the world that he does in fact have a lot of power. How many other world leaders can make a major malware gang shut down?

      How many world leaders can shut down a sponsored organization?

      A lot of them I would guess.

      (Let's stop pretending here.)

  • by awwshit ( 6214476 ) on Tuesday July 13, 2021 @01:03PM (#61578789)

    They'll be back tomorrow with a new brand name.

    • by Anonymous Coward

      REvil --> SEvil --> TEvil --> UEvil

  • Just under a bunch of other names. ;)
  • Maybe someone offered a few million dollars for their operation to be shutdown and their heads placed on pikes.
  • They'll be back next week with a new name. There's no way Putin is going to let up on his technological assault on the US. He has no intentions of scaling back the ransomware groups, he has zero intention of stopping them. Most of them are probably backed by Putin and the rest of the Russian government. We had a cold war...this is the start of the cyber war. He's not lying when he says he'll do something...but I don't think he has any intention of stopping it. He knows how much he can fuck us over.

  • Think of all the American companies who were hacked, and were about to pay the ransom to unlock their systems. Now they can't pay up and they are fucked.

Genius is ten percent inspiration and fifty percent capital gains.

Working...