REvil ransomware gang allegedly forced offline by law enforcement counterattacks
2021-10-22 18:03

According to Reuters, the REvil ransomware operation was "hacked and forced offline this week by a multi-country operation".

The Colonial ransomware incident was attributed to a cybergang going by DarkSide, a criminal operation that Reuters describes as "developed by REvil associates."

As you probably know, many ransomware operations these days don't operate as small, tightly closed groups, but rather as networks of so-called associates or affiliates in a criminal ecosystem dubbed RaaS, short for ransomware as a service.

In contrast, the REvil gang was alleged recently to have started promising its affiliates 80% and even 90% payouts, perhaps in an attempt to regroup and rebuild in the face of increasing infiltration and counter-hacking attacks.

The crooks who broke in at the start of the intrusion might not even be the same gang that unleashed the final ransomware attack, because access to your network could have been sold on or "leased out" along the way between co-operating cybercrime crews.

Even if the ransomware "brand" REvil now seems to be a spent force: [a] the perpetrators haven't actually been arrested, so there's little to prevent them re-emerging under another name or joining another crew; [b] there are many other ransomware gangs already operating; and [c] ransomware is only one of many worrying cyberthreats out there.


News URL

https://nakedsecurity.sophos.com/2021/10/22/revil-ransomware-gang-allegedly-forced-offline-by-law-enforcement-counterattacks/