WASHINGTON: Websites run by the ransomware gang REvil suddenly became unreachable on Tuesday, sparking widespread speculation that the group had been knocked offline.
The Russia-linked cybercrime ring has collected tens of millions of dollars in ransom payments in return for restoring computer systems it has hacked. In recent weeks it claimed responsibility for a sprawling ransomware outbreak that affected an estimated 800 to 1,500 businesses worldwide.
Ransomware sites can be unreliable, and it was unclear whether the site's disappearance was a momentary fluke or whether the hackers had downed tools or been removed from the internet by someone else. Both the group's payment portal and its blog, which named and shamed their victims who refused to pay the ransoms they demanded, were unreachable.
The White House declined comment. An attempt to reach REvil, one of whose representatives briefly spoke with Reuters last week, was unsuccessful.
The disappearance is not necessarily significant.
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat.
REvil was already drawing top-level U.S. government attention, and pressure has been mounting on Washington to take more decisive action against REvil and groups like it.
The United States has been hit by a string of high-profile hacks by ransom-seeking cybercriminals, including an intrusion into Colonial Pipeline which disrupted gasoline deliveries across the East Coast.
President Joe Biden hinted on Friday the United States could take more aggressive action soon where ransomware was concerned.
READ ALSO - Biden presses Putin to act on ransomware attacks, hints at retaliation
Asked by a Reuters correspondent on Friday whether it would make sense to attack the Russian servers used in such intrusions, Biden paused, smiled and said: "Yes."
For the head of one cybersecurity company, the possibility that someone - the U.S. government or otherwise - knocked the group offline raised some concerns.
"If this was an organized cyber offensive, I am hopeful that collateral damage was a consideration," said Kurtis Minder, the founder of threat intelligence firm GroupSense.
Ransomware-seeking criminals and their victims are in some ways co-dependent, with the bad actors holding the keys to their victims' encrypted data. Should those keys have been lost or destroyed in a cyberattack "many companies, individuals are going to have a tough time recovering," he said.
Wrecking a cybercriminal server or two was not sustainable in the long run, he added.
"REvil is one of dozens of major ransomware operators," he said. "Are we going to attack all of them?"
READ ALSO - Up to 1,500 businesses affected by ransomware attack, US firm's CEO says
Reuters
Wed Jul 14 2021
Vanishing acts are common in the ransomware world, where gangs tend to disappear and rebrand when they begin attracting too much heat. - REUTERS
Harumanis antara tarikan utama Agrofiesta 2024
Mangga harumanis dan produk makanan berasaskan mangga antara tarikan utama pada penganjuran Agrofiesta 2024.
NIOSH sedia beri khidmat nasihat depani cabaran perubahan iklim
NIOSH bersedia memberikan khidmat nasihat serta rundingan bagi membantu kerajaan, majikan dan pekerja menghadapi cabaran berkaitan perubahan iklim.
Malaysia negara pertama terima visa haji
Malaysia menjadi negara pertama yang menerima pengeluaran visa haji daripada Kementerian Haji dan Umrah Arab Saudi bagi jemaah musim haji 1445H/2024.
Menteri Indonesia bincang isu pekerja migran dengan rakan sejawat dari Malaysia
Fauziyah harap Steven akan membawa penambahbaikan kepada dasar berkaitan tenaga kerja Indonesia.
Pahang peruntuk RM1.5 juta bantuan tunai bakal jemaah haji
Sebanyak 1,588 jemaah haji Pahang menerima sumbangan 'duit poket' berjumlah RM750 seorang bagi membantu meringankan beban bakal haji dalam melakukan persiapan melaksanakan rukun Islam kelima itu.
PRK Kuala Kubu Baharu: Pengundi jangan mudah percaya taktik fitnah - Ramanan
Ramanan berkata pengundi perlu lebih berhati-hati, dan sentiasa menyemak fakta apabila mendengar kempen politik yang dilakukan pihak lawan.
KEDA berhasrat tanam padi wangi, padi huma tahun ini
Lembaga Kemajuan Wilayah Kedah (KEDA) berhasrat membangunkan tanaman padi wangi dan padi huma di beberapa kawasan pertanian dalam wilayahnya, tahun ini.
Mesyuarat perundingan Enam Pihak Arab bincangkan perkembangan di Gaza
Mesyuarat perundingan Jawatankuasa Enam Pihak Arab itu membincangkan perkembangan serangan Israel ke atas Semenanjung Gaza.
Chegubard didakwa di Mahkamah Sesyen KL esok - Peguam
Badrul Hisham Shaharin atau dikenali Chegubard akan didakwa di Mahkamah Sesyen Kuala Lumpur esok atas pertuduhan memfitnah dan menghasut.
Pulau Pinang, kerajaan pusat bekerjasama tarik pelaburan semikonduktor
Kerajaan Pulau Pinang akan bekerjasama dengan Kerajaan Persekutuan untuk meneruskan usaha menarik pelaburan dalam sektor semikonduktor, termasuk segmen reka bentuk litar bersepadu (IC) di negeri itu.