A Russian-based hacker group blamed for a massive ransomware attack on Tuesday went offline, sparking speculation about whether the move was the result of a government-led action.
The “dark Web” page of the group known as REvil disappeared about two weeks after an attack that crippled networks of hundreds of companies worldwide and prompted a ransom demand of US$70 million.
“REvil has seemingly vanished from the dark Web, as its Web site has gone offline,” Allan Liska, a security researcher with the firm Recorded Future, wrote on Twitter.
Liska said the site had been unresponsive from about 5am GMT.
The news comes after US President Joe Biden repeated a warning to Russian President Vladimir Putin late last week about harboring cybercriminals, saying that Washington might take action in the face of growing ransomware attacks.
Analysts in the past have suggested that the US military’s Cyber Command has the capability to strike back at hackers in the face of threats to national security, but there was no official word on any such action.
“The situation is still unfolding, but evidence suggests REvil has suffered a planned, concurrent takedown of their infrastructure, either by the operators themselves or via industry or law enforcement action,” John Hultquist, vice president of analysis at Mandiant Threat Intelligence, said in a statement.
“If this was a disruption operation of some kind, full details may never come to light,” he said.
Brett Callow, a threat an analyst at the security firm Emsisoft, also pointed to unanswered questions.
“Whether the outage is the result of action taken by law enforcement is unclear,” Callow said. “If law enforcement has managed to disrupt the gang’s operations, that would obviously be a good thing, but could create problems for any companies whose data is currently encrypted. They’d not have the option of paying REvil for the key needed to decrypt their data.”
James Lewis, head of technology and public policy at the Washington-based Center for Strategic and International Studies, said the Web site might be down for a number of reasons, including pressure from Russian authorities.
“I don’t think it was us,” he said.
Liska said the site’s ownership had not been changed, making a domain seizure less likely.
“This could suggest these are self-directed takedowns,” he said.
MINERAL DEPOSITS: The Pacific nation is looking for new foreign partners after its agreement with Canada’s Metals Co was terminated ‘mutually’ at the end of last year Pacific nation Kiribati says it is exploring a deep-sea mining partnership with China, dangling access to a vast patch of Pacific Ocean harboring coveted metals and minerals. Beijing has been ramping up efforts to court Pacific nations sitting on lucrative seafloor deposits of cobalt, nickel and copper — recently inking a cooperation deal with Cook Islands. Kiribati opened discussions with Chinese Ambassador Zhou Limin (周立民) after a longstanding agreement with leading deep-sea mining outfit The Metals Co fell through. “The talk provides an exciting opportunity to explore potential collaboration for the sustainable exploration of the deep-ocean resources in Kiribati,” the government said
The head of Shin Bet, Israel’s domestic intelligence agency, was sacked yesterday, days after Israeli Prime Minister Benjamin Netanyahu said he no longer trusts him, and fallout from a report on the Oct. 7, 2023, Hamas attack. “The Government unanimously approved Prime Minister Benjamin Netanyahu’s proposal to end ISA Director Ronen Bar’s term of office,” a statement said. He is to leave his post when his successor is appointed by April 10 at the latest, the statement said. Netanyahu on Sunday cited an “ongoing lack of trust” as the reason for moving to dismiss Bar, who joined the agency in 1993. Bar, meant to
Indonesia’s parliament yesterday amended a law to allow members of the military to hold more government roles, despite criticisms that it would expand the armed forces’ role in civilian affairs. The revision to the armed forces law, pushed mainly by Indonesian President Prabowo Subianto’s coalition, was aimed at expanding the military’s role beyond defense in a country long influenced by its armed forces. The amendment has sparked fears of a return to the era of former Indonesian president Suharto, who ex-general Prabowo once served and who used military figures to crack down on dissent. “Now it’s the time for us to ask the
The central Dutch city of Utrecht has installed a “fish doorbell” on a river lock that lets viewers of an online livestream alert authorities to fish being held up as they make their springtime migration to shallow spawning grounds. The idea is simple: An underwater camera at Utrecht’s Weerdsluis lock sends live footage to a Web site. When somebody watching the site sees a fish, they can click a button that sends a screenshot to organizers. When they see enough fish, they alert a water worker who opens the lock to let the fish swim through. Now in its fifth year, the
RSS