Several countries that work together to address the problem or cyber attacks, have recently took down the REvil Ransomware gang using one of the gang’s favorite tactics of compromised backups.
According to Reuters, “The FBI in conjunction with Cyber Command, the Secret Service, and like-minded countries, have truly engaged in significant disruptive actions against these groups.”
Previously, the FBI had hacked REvil’s servers and received a universal decryption key after Kaseya’s attack.
Holding onto the key, however, proved crucial, as it allowed the FBI and its collaborators to penetrate deep into REvil’s operations, as it also ensured that their software remained hidden in backups recently used by gang member “0 _ neday” to restore operations after initially going offline four days ago.
For more information, read the original story in Arstechnica.
