REvil Ransomware Group Returns After Short Break

Share post:

The ransomware group REvil has resurfaced after it was reportedly shut down following the widespread attack on Kaseya on July 4 that affected thousands.

U.S. President Joe Biden met personally with Russian President Vladimir Putin after the attack, and analysts attributed the closure of REvil to a meeting between the two world leaders at which Biden pressed Putin about ransomware attacks from Russia.

Still, both U.S. authorities and Russian officials denied any involvement in the July attacks.

Security experts took to social media on Tuesday to explain that the group’s Happy Blog and other sites linked to REvil are now back online, with the latest posting coming from a victim who was attacked on July 8.

Security researchers from Recorded Future and Emsisoft both confirmed that much of the group’s infrastructure had resurfaced.

Most people expected that REvil would return, albeit with a different name and likely a new variant of ransomware.

The closure of REvil in July left many victims in a difficult situation. Mike Hamilton, former CISO of Seattle and now CISO of the ransomware remediation company Critical Insight, told that after the Kaseya attack, a company paid a ransom and received the decryption keys from REvil, which apparently did not work.

REvil attacked about 360 U.S. organizations this year and has made more than $11 million this year with high-profile hacks on Acer, JBS, Quanta computers and more.

For more information, read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

AWS Launches Physical Locations for High-Speed Cloud Data Uploads

Amazon Web Services (AWS) unveiled a novel service at its re:Invent 2024 conference: Data Transfer Terminal, a network...

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways