FBI, Cyber Command, Secret Service and Allies Hacked and Forced Ransomware Group REvil Offline
Fin7 created a fake website to recruit hackers, Evil Corp demands up to $40M in Macaw ransomware attacks, Trump's Truth Social taken down in hours, FTC details the breadth of ISP data collection, more
The ransomware group REvil was hacked and forced offline this week by the “FBI, in conjunction with Cyber Command, the Secret Service, and like-minded countries,” according to Tom Kellermann, VMware head of cybersecurity and an adviser to the U.S. Secret Service on cybercrime investigations.
REvil’s website was shuttered following its July ransomware attack on software company Kaseya. The group’s site had come back online last month, but a leadership figure known as "0_neday," who had helped restart the group's operations, had said an unnamed party had hacked REvil's servers. When 0_neday and others restored those websites from a backup, they unknowingly restarted some internal systems already controlled by law enforcement, turning the gang’s favorite tactic of compromising backups against them.
One source said that a foreign partner of the U.S. government carried out the hacking operation that penetrated REvil's computer architecture. A former U.S. official says the operation against RE…