REvil Ransomware Group Resurfaces Online

By ISBuzz Team
Writer, Information Security Buzz | Sep 09, 2021 06:36 am PST

Following the news that the operators behind the REvil ransomware group have resurfaced after allegedly closing shop following the widespread attack on Kaseya, please see below comments from security experts.

Dimitris Strevinas
September 9, 2021 2:51 pm

Why would REvil be back online?
REvil, apart from an extortion group, could also be considered a brand name. It is easier to pay ransoms to well-known groups than newcomers.

Should we expect more attacks?
Of course. Unless it is a hoax onion site, and this could be validated, more attacks should be expected. We believe that the people behind the attack on Kaseya are not standing still.

Does the fact they are using the same infrastructure as previously mean the attackers could be easier to catch? Why would they make such a rookie mistake?
There are many layers to hide the identity of the origin. Especially the use of the same group name looks like a thought-through and confident move.

Chris Sedgwick, Security Operations Director
September 9, 2021 2:45 pm

Hacker groups disappearing when things heat up is something we have seen frequently in the past, with cases like Emotet or Anonymous. When groups do disappear, it is generally to buy some time and take the limelight off them from law enforcement agencies, and it rarely means they are disappearing for good. On the assumption that this is indeed the same threat group operating the infrastructure, we would expect to see a new ransomware variant from the group in the near future, but with much more carefully selected victims to keep the media and Government attention off them as much as possible.
