REvil ransomware shut down again, say reports

REvil, a notorious hacking outfit known for extorting companies for millions of dollars and selling data on the dark web when it doesn’t get its way, has reportedly shut down after incurring some sort of punishment.


The group’s Tor payment site and data leak blog have been hijacked, according to sources (via TechCrunch), leaving the outfit crippled and platformless.


The attack not only knocked down ‘Happy Blog,’ but also erased the route to the Tor service config files, replacing it with a malicious one to catch out the miscreants, according to a recent post from 0_neday, a threat actor affiliated with REvil.





The US government had been chastising REvil for some time prior to the blackout for its wrongdoing. Not long ago, the organization went after Acer, aiming to extort $100 million from the corporation, and the list of victims doesn’t end there.

REvil’s actions have also had an impact on thousands of organizations that use Kaseya IT management solutions.


It’s unclear who launched the attack on the organization, and whether it was a retaliatory hack or a preemptive strike by the government. We can only surmise at this moment, but according to a report from The Washington Post, the government acquired a key that might have shut down the group back in September. They decided to wait for whatever reason, only to discover that the Happy Blog had gone offline of its own accord.


However, the gang was gone only a short time before reappearing. So, it’s possible that the authorities decided to carry out a takedown after all. Other murmurs, according to Bleeping Computer, imply a revolt is brewing, with a previous group member who didn’t join the revival perhaps mounting a takeover.


It’s a triumph for the tech industry and the cyber-aware in either case. And, as usual, take this as a reminder to keep your cybersecurity skills up to date. Hackers are everywhere, and they don’t give up easily.

