REvil-ed Ransomware Group Goes Kaput?

REvil has been one of the top ransomware groups for the past few months but they’re suddenly offline. No note, no warning, just gone.

More in this short…

Transcript

At 1:00 AM Eastern time on Tuesday, July 12th, 2021, the REvil ransomware gang appears to have closed up shop. Gone in the middle of the night, like that.

[00:00:09] Are they gone for good? No one knows.

Is this a good thing? Long term, absolutely.

Short term? Not so much.

[00:00:17] Gone with the gang’s online presence is any way for the up to 1500 victims of the Kaseya attack to get their encryption keys.

Now, sometimes when a ransomware gang closes shop, they openly release the keys.

Let’s hope that this happens here.

[00:00:31] As to why REvil is offline… theories abound. But until we have more evidence, we simply won’t know.

But remember that ransomware works because it’s a low risk, high return crime.

If the spotlight becomes too intense, that equation changes and it might be time to reevaluate or rebrand.
