The website of the ransomware gang REvil becomes inaccessible to Reuters

Rafael Sartre

Washington (Reuters)-The website operated by the ransomware group REvil suddenly became inaccessible on Tuesday, sparking widespread speculation that the organization has been taken offline.

Cybercriminal groups linked to Russia have collected tens of millions of dollars in ransoms in exchange for the restoration of their intrusive computer systems. In recent weeks, it has claimed to have an impact on the massive ransomware affecting https://www.reuters.com/technology/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021 Responsible for the outbreak 07-05 There are an estimated 800 to 1,500 companies worldwide.

The ransomware site may be unreliable, and it is not clear whether the disappearance of the site was a fluke, or whether the hacker has turned off the tool or was removed from the Internet by someone else. The organization’s payment portal and blog were inaccessible, and the blog named and humiliated victims who refused to pay the ransom.

The White House declined to comment. Attempts to contact REvil, one of the representatives had a brief conversation with Reuters last week, but was unsuccessful.

Disappearance is not necessarily important.

Disappearance behavior is common in the ransomware world, and when they start to attract too much heat, the gang tends to disappear and rename.

REvil has aroused the attention of the top U.S. government, and Washington is facing increasing pressure to take more decisive action against REvil and similar organizations.

The United States has suffered a series of high-profile hacking attacks by cybercriminals seeking ransom, including the invasion of the colonial pipeline, which interrupted gasoline transportation across the east coast.

President Joe Biden hinted on Friday that the United States may soon take more aggressive action on the issue of ransomware.

On Friday, a Reuters reporter asked https://www.reuters.com/article/us-usa-cyber-biden-putin-idAFKCN2EF1XN if it is necessary to attack the Russian server used for this type of intrusion. Biden paused and smiled He said: “Yes.”

For the head of a cybersecurity company, the possibility of someone — the US government or someone else — taking the organization offline raises some concerns.

Kurtis Minder, founder of threat intelligence company GroupSense, said: “If this is an organized cyber offensive, I hope collateral damage can be considered.”

Criminals seeking ransomware and their victims are dependent on each other in some respects. The bad guys hold the keys to encrypt the data of the victims. If these keys are lost or destroyed in a cyber attack, “many companies and individuals will have a hard time recovering,” he said.

He added that destroying one or two cybercrime servers is unsustainable in the long run.

“REvil is one of dozens of major ransomware operators,” he said. “Are we going to attack them?”