Security News > 2021 > October > REvil ransomware group reportedly taken offline by multi-nation effort
The infamous REvil ransomware group has reportedly been dealt a severe blow, courtesy of an operation conducted by officials in the US and other countries.
A so-called "Leadership figure" for REvil known as "0 neday," who helped restart the gang's operations after it previously shut down, revealed that REvil's servers had been hacked by an unknown party, Reuters said.
"The REvil ransomware gang restored the infrastructure from the backups under the assumption that they had not been compromised," Oleg Skulkin, deputy head of the forensics lab at the Russian-led security company Group-IB, told Reuters.
Though the FBI declined Reuters' request for comment, one person familiar with the events said that a foreign partner of the US government carried out the hacking operation against REvil.
This effort to take down REvil shows that law enforcement is more than willing to play hard ball to stop these criminal enterprises.
"With REvil being taken off-line, this can definitely be counted as a benefit for those in the cybersecurity defense area. The one thing to note here is there are plenty of other ransomware criminal gangs ready to step in and take back over the areas vacated by REvil. We can only hope that this government-assisted shutdown will have a negative impact on the operations of the other gangs due to fear of it happening to them as well."