Ransomware

Governments Hacked REvil Ransomware Group & Forced To Go Offline

On an active international operation that was executed recently by the US along with the multi-country law enforcement agencies, the Notorious ransomware group REvil themselves became the target of hacking and were forced to curtail their activities on the network.

The direct victims of the Russian-led criminal gang include top meatpacker JBS (JBSS3.SA), and the Colonial Pipeline. But, right now after this chasing incident the website of the REvil ransomware group known as “Happy Blog” is no longer available.

This “Happy Blog” website is used by the operators of REvil to leak victim data and extort companies. While apart from this, Tom Kellermann, the adviser of the US Secret Service on cybercrime investigations, conversed about a joint operation by like-minded states that conducted insurgent actions against the hacking groups.

So, in this huge secret joint operation, their first target became the hackers from the REvil ransomware group. Since in recent times, this hacking group was in the limelight due to its attacks against several US departments.

According to the Routers report, the cybercriminals forum entries from the alias or user “0_neday,” who, probably, is one of the leaders of REvil has proclaimed that the group’s servers had been hacked by unknown persons and now he was “out of the game.”

Here’s what “0_neday” stated:-

“The server was compromised, and they were looking for me, so, Good luck, everyone; I’m off.”

While Tom Kellermann stated:-

“The FBI, in conjunction with Cyber Command, the Secret Service, and like-minded countries, has truly engaged in significant disruptive actions against these groups; and REvil was top of the list.”

The REvil ransomware group got into trouble this year after launching attacks on the two huge market players:-

And due to these high-profile attacks, it had to shut down its darknet sites and networks to remain under the hood.

But, the group unexpectedly returned again on September 9, and after their comeback, they restored their primary elements:-

  • Its websites
  • Payment portals

However, after their so-called hard revival trials, they failed to achieve their early success and limelight, and not only that even after their revival they also had to increase their partners’ commission to 90%.

Looking for Best WAF Solutions for your web applications environment?? Register for Free WAF webinar & explore the experts thoughts and Choose the Best one.. Very limited seats available.. grab it here at ProPhaze.

Tushar Subhra Dutta

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

Volkswagen Hacked – Hackers Stolen 19,000 Documents From VW Server

Volkswagen, one of the world's leading automotive manufacturers, has fallen victim to a sophisticated hacking…

4 hours ago

Beware Of Fake MetaMask Android Apps That Steal Login Details

Threat actors exploit fake Android apps primarily for illicit reasons, such as stealing sensitive and…

5 hours ago

CrushFTP Zero-Day Could Allow Attackers To Gain Complete Server Access

CrushFTP disclosed a zero-day vulnerability (CVE-2024-4040) affecting versions below 10.7.1 and 11.1.0. The vulnerability allows…

5 hours ago

IBM QRadar XSS Flaw Let Attackers Arbitrary JavaScript Code

A significant vulnerability was detected in IBM QRadar Suite Software and Cloud Pak for Security,…

6 hours ago

Seedworm Hackers Exploit RMM Tools to Deliver Malware

The notorious hacking group Seedworm, also known as MuddyWater, has been found exploiting legitimate remote…

6 hours ago

WordPress Plugin Flaw Exposes 10k+ Websites to Cyber Attacks

A critical vulnerability in the WP Datepicker WordPress plugin was identified, affecting over 10,000 active…

7 hours ago