Security News > 2022 > May > Cybergang Claims REvil is Back, Executes DDoS Attacks
Akamai researchers have been monitoring the DDoS attack since May 12, when a customer an alerted the company's Security Incident Response Team of an attempted attack by a group claiming to be associated with REvil, Akamai revealed in a blog post Wednesday.
"The attacks so far target a site by sending a wave of HTTP/2 GET requests with some cache-busting techniques to overwhelm the website," Akamai SIRT vulnerability researcher Larry Cashdollar wrote in the post.
REvil, which went dark in July 2021, was a Russia-based ransomware-as-a-service group well-known for its high-profile attacks against Kaseya, JBS Foods and Apple Computer, among others.
The disruptive nature of its attacks spurred international authorities to go hard against the group, with Europol arresting a number of the gang's affiliates in November 2021.
The technique seen in the DDoS attack "Strays from their normal tactics," Cashdollar wrote.
"We haven't seen REvil linked to political campaigns in any other previously reported attacks," Cashdollar observed.
News URL
https://threatpost.com/cybergang-claims-revil-is-back-executes-ddos-attacks/179734/
Related news
- Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)
- DDoS attacks reportedly behind DayZ and Arma network outages (source)
- Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks (source)
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)