Ransomware Giant REvil’s Sites Disappear
July 13, 2021 – Article posted on Threatpost
Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the biggest groups mysteriously went dark.
All of REvil’s Dark Web sites slipped offline as of early Tuesday morning, and it’s not clear whether it’s due to the ransomware gang getting busted or whether the threat actors did it on purpose. Threatpost corresponded with GuidePoint Security’s Drew Schmitt on the range of possibilities.
“A lack of DNS response is a potential indicator of law enforcement involvement, but it’s not enough to determine whether the threat group changed their URL, is doing maintenance, or something similar. An unresolved DNS response over a short period of time is not necessarily a strong indicator without correlating evidence, statements, etc.,” Schmitt said. “It could be a short outage; however, we would need more time and evidence to tell what actually may be going on.”
Schmitt went on to note that this isn’t the first time the threat actor’s site has been offline, pointing to an outage as recently as last week, when REvil’s site went down for a short while.