WASHINGTON: Websites run by the ransomware gang REvil suddenly became unreachable on Tuesday, sparking widespread speculation that the group had been knocked offline.
The Russia-linked cybercrime ring has collected tens of millions of dollars in ransom payments in return for restoring computer systems it has hacked. In recent weeks it claimed responsibility for a sprawling ransomware outbreak that affected an estimated 800 to 1,500 businesses worldwide.
Ransomware sites can be unreliable, and it was unclear whether the site's disappearance was a momentary fluke or whether the hackers had downed tools or been removed from the internet by someone else. Both the group's payment portal and its blog, which named and shamed their victims who refused to pay the ransoms they demanded, were unreachable.
The White House declined comment. An attempt to reach REvil, one of whose representatives briefly spoke with Reuters last week, was unsuccessful.
The disappearance is not necessarily significant.
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat.
REvil was already drawing top-level U.S. government attention, and pressure has been mounting on Washington to take more decisive action against REvil and groups like it.
The United States has been hit by a string of high-profile hacks by ransom-seeking cybercriminals, including an intrusion into Colonial Pipeline which disrupted gasoline deliveries across the East Coast.
President Joe Biden hinted on Friday the United States could take more aggressive action soon where ransomware was concerned.
READ ALSO - Biden presses Putin to act on ransomware attacks, hints at retaliation
Asked by a Reuters correspondent on Friday whether it would make sense to attack the Russian servers used in such intrusions, Biden paused, smiled and said: "Yes."
For the head of one cybersecurity company, the possibility that someone - the U.S. government or otherwise - knocked the group offline raised some concerns.
"If this was an organized cyber offensive, I am hopeful that collateral damage was a consideration," said Kurtis Minder, the founder of threat intelligence firm GroupSense.
Ransomware-seeking criminals and their victims are in some ways co-dependent, with the bad actors holding the keys to their victims' encrypted data. Should those keys have been lost or destroyed in a cyberattack "many companies, individuals are going to have a tough time recovering," he said.
Wrecking a cybercriminal server or two was not sustainable in the long run, he added.
"REvil is one of dozens of major ransomware operators," he said. "Are we going to attack all of them?"
READ ALSO - Up to 1,500 businesses affected by ransomware attack, US firm's CEO says
Reuters
Wed Jul 14 2021
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat. - REUTERS
Denmark stands firm on Greenland after Rubio says Trump's interest is no joke
Trump vows to make Denmark's autonomous territory part of the US, not ruling out military or economic pressure to acquire it.
On-site investigation of burned-out Air Busan plane to begin
Passengers evacuated from the Air Busan plane will get their baggage back after authorities deemed the jet safe for a full investigation.
Myanmar junta extends state of emergency to support election preparations
The junta plans this year to hold an election, which critics have derided as a sham to keep the generals in power through proxies.
Malaysia to receive visits from world leaders beginning next week - PM
We need more strategic partners at this time, says Datuk Seri Anwar Ibrahim.
'Stubborn' Sarawak flood victims urged to evacuate immediately
Deputy Premier Datuk Amar Douglas Uggah Embas says some individuals are still reluctant to move to the nearest relief centres.
Taylor Swift unveiled as presenter at Sunday's Grammys
Taylor Swift is nominated for the Grammy Awards for Album of the Year with her album 'The Tortured Poets Department', and five other awards.
Microsoft, Meta back big AI spending despite DeepSeek's low costs
CEOs of Microsoft and Meta defends massive spending saying it was crucial to staying competitive in the new field.
Israel releases Palestinian prisoners after delay over chaotic hostage handover
Hamas frees three Israeli and five Thai hostages in Gaza, and Israel releases 110 Palestinian prisoners in the latest prisoner-hostage swap.
New minimum wage order comes into force tomorrow, benefiting 4.37 million workers - KESUMA
Failure to comply with the Minimum Wage Order is an offence and may result in a fine.
Honda, Nissan to unveil detailed merger plan in mid-Feb.
Japan's second- and third-largest carmakers by volume, have agreed to begin talks on merging under a holding company.
Investigators cautious of jet fuel still aboard wrecked South Korean plane
The investigation is being slowed by a large amount of fuel and oxygen still on board, according to an air crash investigation official.
Malaysia's official reserve assets at US$116.22 bil as at end-December 2024 - BNM
According to Bank Negara Malaysia, projected foreign currency inflows amount to US$2.49 billion in the next 12 months.
Investigators seek to salvage aircraft after deadly Washington crash
Divers aim to "salvage the aircraft" and find additional components on Friday, Washington's fire department said.
PM calls on people to prioritise national interest
Prime Minister Datuk Seri Anwar Ibrahim says Malaysia should also serve as a model for strong racial unity.
Trump repeats tariffs threat to dissuade BRICS nations from replacing US dollar
Trump warns BRICS member countries from replacing the US dollar as a reserve currency by repeating a 100%-tariffs threat.
UN chief demands evacuation of 2,500 Gaza children at 'imminent risk' of death
The doctors said they are advocating for a centralised process for medical evacuations with clear guidelines.
US looking into whether DeepSeek used restricted AI chips, source says
Current restrictions on Nvidia artificial intelligence processors are meant to stop its most sophisticated chips from reaching China.
Number of evacuees continues to rise in flood-hit Sabah, Sarawak
In Sarawak, the number of evacuees rose to 9,398 from 2,725 families this morning.
Investigators find black boxes after deadly Washington plane crash, continue search for answers
Investigators recovered the so-called black boxes from the American Airlines Bombardier jet carrying 60 passengers and four crew members.
Malaysia among nine nations to meet in The Hague over alleged Israeli law violations
Nations expected to plan "coordinated legal, economic, and diplomatic actions" to hold Israel accountable for violating international law.