Security News > 2021 > July > REvil ransomware gang's web sites mysteriously shut down
The infrastructure and websites for the REvil ransomware operation have mysteriously gone offline as of last night.
The REvil ransomware operation, aka Sodinokibi, operates through numerous clear web and dark web sites used as ransom negotiation sites, ransomware data leak sites, and backend infrastructure.
Starting last night, the websites and infrastructure used by the REvil ransomware operation have mysteriously shut down.
While it is not unheard of for REvil sites to lose connectivity for some time, all sites to shut down simultaneously is unusual.
Recorded Future's Alan Liska said that the REvil web sites went offline at approximately 1 AM EST this morning.
At this point, it is not clear if REvil's shut down of servers is for technical reasons, if the gang shut down their operation, or if a Russian or USA law enforcement operation took place.