Cybergang Claims REvil is Back, Executes DDoS Attacks

2022-05-26 10:30

Akamai researchers have been monitoring the DDoS attack since May 12, when a customer an alerted the company's Security Incident Response Team of an attempted attack by a group claiming to be associated with REvil, Akamai revealed in a blog post Wednesday.

"The attacks so far target a site by sending a wave of HTTP/2 GET requests with some cache-busting techniques to overwhelm the website," Akamai SIRT vulnerability researcher Larry Cashdollar wrote in the post.

REvil, which went dark in July 2021, was a Russia-based ransomware-as-a-service group well-known for its high-profile attacks against Kaseya, JBS Foods and Apple Computer, among others.

The disruptive nature of its attacks spurred international authorities to go hard against the group, with Europol arresting a number of the gang's affiliates in November 2021.

The technique seen in the DDoS attack "Strays from their normal tactics," Cashdollar wrote.

"We haven't seen REvil linked to political campaigns in any other previously reported attacks," Cashdollar observed.

News URL

https://threatpost.com/cybergang-claims-revil-is-back-executes-ddos-attacks/179734/

#attack #ddos #revil

News URL

Related news