WASHINGTON: Websites run by the ransomware gang REvil suddenly became unreachable on Tuesday, sparking widespread speculation that the group had been knocked offline.
The Russia-linked cybercrime ring has collected tens of millions of dollars in ransom payments in return for restoring computer systems it has hacked. In recent weeks it claimed responsibility for a sprawling ransomware outbreak that affected an estimated 800 to 1,500 businesses worldwide.
Ransomware sites can be unreliable, and it was unclear whether the site's disappearance was a momentary fluke or whether the hackers had downed tools or been removed from the internet by someone else. Both the group's payment portal and its blog, which named and shamed their victims who refused to pay the ransoms they demanded, were unreachable.
The White House declined comment. An attempt to reach REvil, one of whose representatives briefly spoke with Reuters last week, was unsuccessful.
The disappearance is not necessarily significant.
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat.
REvil was already drawing top-level U.S. government attention, and pressure has been mounting on Washington to take more decisive action against REvil and groups like it.
The United States has been hit by a string of high-profile hacks by ransom-seeking cybercriminals, including an intrusion into Colonial Pipeline which disrupted gasoline deliveries across the East Coast.
President Joe Biden hinted on Friday the United States could take more aggressive action soon where ransomware was concerned.
READ ALSO - Biden presses Putin to act on ransomware attacks, hints at retaliation
Asked by a Reuters correspondent on Friday whether it would make sense to attack the Russian servers used in such intrusions, Biden paused, smiled and said: "Yes."
For the head of one cybersecurity company, the possibility that someone - the U.S. government or otherwise - knocked the group offline raised some concerns.
"If this was an organized cyber offensive, I am hopeful that collateral damage was a consideration," said Kurtis Minder, the founder of threat intelligence firm GroupSense.
Ransomware-seeking criminals and their victims are in some ways co-dependent, with the bad actors holding the keys to their victims' encrypted data. Should those keys have been lost or destroyed in a cyberattack "many companies, individuals are going to have a tough time recovering," he said.
Wrecking a cybercriminal server or two was not sustainable in the long run, he added.
"REvil is one of dozens of major ransomware operators," he said. "Are we going to attack all of them?"
READ ALSO - Up to 1,500 businesses affected by ransomware attack, US firm's CEO says
Reuters
Wed Jul 14 2021
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat. - REUTERS
'Masa untuk hentikan penderitaan' - Ketua PBB rayu keamanan
Antonio Guterres membuat rayuan untuk keamanan menjelang ulang tahun pertama konflik di Gaza minggu depan.
Larian berpakaian tidak senonoh: Tiga lelaki ditahan bantu siasatan
Dua lelaki warga asing dan seorang warga tempatan berusia antara 39 hingga 70 tahun ditahan di sebuah hotel di Kota Tinggi.
Wanita Palestin mengamuk di WTKL mohon maaf, tertekan fikir anak di Gaza
Aminah berkata, perbuatan di luar kawalan itu berlaku disebabkan rasa tertekan memikirkan keadaaan anaknya yang masih berada di Gaza.
Mangsa banjir di Perak terus meningkat, Selangor menurun
Jumlah mangsa banjir yang ditempatkan di PPS di Perak terus meningkat pagi ini manakala jumlah mangsa di Selangor menunjukkan penurunan.
Letupan baharu menggegarkan Beirut
Memetik laporan Associated Press, rejim Zionis turut menyerang kem pelarian Palestin jauh di utara buat kali pertama ketika ia menyasarkan kedua-dua pejuang Hezbollah dan Hamas.
Pelabur makin yakin, Malaysia disaran tingkatkan keperluan RE
Keperluan tenaga boleh baharu (RE) di negara ini semakin meningkat seiring keyakinan pelabur asing khususnya untuk mewujudkan pusat data, kata Timbalan Perdana Menteri, Datuk Seri Fadillah Yusof.
Dua minggu hilang, nasib Orang Asli Zuzina masih misteri
Pelbagai pihak masih mencari wanita orang Asli Zuzina Abine yang hilang selepas keluar rumah sejak 20 September lalu.
Ringgit dijangka berbanding dolar AS minggu depan
Ringgit dijangka kekal pada paras 4.21 hingga 4.22 berbanding dolar AS minggu depan, tetapi dengan kecenderungan meningkat terhadap dolar AS selepas data senarai gaji bukan ladang (NFP) Amerika Syarikat (AS) bagi September meningkat mendadak kepada 254,000 pekerjaan.
[TERKINI] Enam rakyat Malaysia selamat tiba dari Lubnan pagi ini
Kementerian Luar Negeri mengesahkan seramai enam orang rakyat Malaysia daripada sebuah keluarga selamat tiba di Lapangan Terbang Antarabangsa Kuala Lumpur (KLIA) dari Lubnan pada pagi ini (6 Oktober 2024).
Konvoi motosikal Seru For Gaza, cerminan sokongan sesama saudara
Liputan Wartawan Astro AWANI, Faida Rahim di acara konvoi motosikal Seru For Gaza di Cafe Rosco sebagai cerminan sokongan kepada saudara sesama Islam di Gaza, yang sudah setahun diperangi keganasan Israel.