
Governments run ransomware gang REvil offline: Sources



(Reuters) The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private-sector cyber experts working with the United States and one former official.

Former partners and associates of the Russian-led criminal gang were responsible for a cyber attack in May on Colonial Pipeline that led to widespread gas shortages on the U.S. East Coast. REvil's direct victims include top meatpacker JBS. The criminal group's "Happy Blog" website, which had been used to leak victim data and extort companies, is no longer available.

Officials said the Colonial attack used encryption software called DarkSide, which was developed by REvil associates.

VMware Head of Cybersecurity Strategy Tom Kellermann said law enforcement and intelligence personnel stopped the group from victimizing additional companies.

"The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries, have truly engaged in significant disruptive actions against these groups," said Kellermann, an adviser to the U.S. Secret Service on cybercrime investigations. "REvil was top of the list."

A leadership figure known as "0_neday", who had helped restart the group's operations after an earlier shutdown, said REvil's servers had been hacked by an unnamed party.

"The server was compromised, and they were looking for me," 0_neday wrote on a cybercrime forum last weekend, in a post first spotted by the security firm Recorded Future. "Good luck, everyone; I'm off."

The U.S. government's efforts to stop REvil, one of the worst of dozens of ransomware gangs that work with hackers to penetrate and paralyze companies around the world, accelerated after the group compromised the U.S. software management firm Kaseya in July. That intrusion opened access to hundreds of Kaseya's customers at once, leading to numerous emergency cyber-incident response calls.

files without paying a ransom.

But law enforcement officials initially withheld the key for weeks as they quietly pursued REvil's staff, the FBI later acknowledged.

gain control of at least some of the servers.
