Last night, the websites and infrastructure used by the REvil ransomware operation mysteriously went offline.
Giving clarity to the unfolding event, the LockBit ransomware representative while posting to the XSS Russian-speaking hacking forum noted that it is rumored that the REvil gang erased their server following a government order.
While it is not unheard of for REvil sites to lose connectivity for some time, in this case, the shutting down of all the sites seems rather unusual.
The post stated in Russian and translated to English by Advanced Intel’s Vitali Kremez explained, “Upon uncorroborated information, REvil server infrastructure received a government legal request forcing REvil to completely erase server infrastructure and disappear. However, it is not confirmed.”
This latest update could be related to the major ransomware attack on Kaseya that occurred earlier this month.
For more information, read the original story in Bleeping Computer.