REvil resurrected? Ransomware crew appears to be back. Keyword: Appears


The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous and fresh victims.

Back in January, Russia said it dismantled the crime ring’s networks and raided its operators’ homes amid the arrests of 14 of its alleged members. The takedown seemed to have worked, and infosec firms say they haven’t seen any sign of REvil activity since.

That changed this week, when security researchers on Twitter, pancak3 and Soufiane Tahiri, caught the latest REvil leak site – a website where the extortionists brag about their victims and disclose data stolen from them – being promoted on RuTOR, a Russian-language forum-slash-marketplace.

Read more…
Source: The Register