Security News > 2022 > May > Cybergang Claims REvil is Back, Executes DDoS Attacks
Akamai researchers have been monitoring the DDoS attack since May 12, when a customer an alerted the company's Security Incident Response Team of an attempted attack by a group claiming to be associated with REvil, Akamai revealed in a blog post Wednesday.
"The attacks so far target a site by sending a wave of HTTP/2 GET requests with some cache-busting techniques to overwhelm the website," Akamai SIRT vulnerability researcher Larry Cashdollar wrote in the post.
REvil, which went dark in July 2021, was a Russia-based ransomware-as-a-service group well-known for its high-profile attacks against Kaseya, JBS Foods and Apple Computer, among others.
The disruptive nature of its attacks spurred international authorities to go hard against the group, with Europol arresting a number of the gang's affiliates in November 2021.
The technique seen in the DDoS attack "Strays from their normal tactics," Cashdollar wrote.
"We haven't seen REvil linked to political campaigns in any other previously reported attacks," Cashdollar observed.
News URL
https://threatpost.com/cybergang-claims-revil-is-back-executes-ddos-attacks/179734/
Related news
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)
- Recently patched CUPS flaw can be used to amplify DDoS attacks (source)
- Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (source)
- Largest Recorded DDoS Attack is 3.8 Tbps (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks (source)