The most wanted group of hackers disappears from the face of the earth

hackers disappears from the face of the earth
Last updated:

The REvil group, famous for organized attacks against political figures and big tech companies, has disappeared from the Internet; its website is no longer accessible, and communications have ceased. The hand of Vladimir Putin is suspected.

In just two years, the REvil name has terrified and shocked sysadmins and cybersecurity experts. This group of cybercriminals is based in Russia are known for their lack of modesty and their ambition; While other groups settle for small attacks and the occasional “hit,” on REvil’s list of victims we find names easily recognizable by anyone, such as Donald Trump or Apple.

Now this group, probably the most hated and wanted on the planet, has disappeared. Media such as Reuters initially reported that the media used by the group to communicate had closed, and The Advertiser Mirror has been able to confirm that the website opened in the so-called “Dark Web” is inaccessible. It is from that page that the hackers announced their new victims, in addition to publishing their claims and the results of their attacks.

This could be interpreted as simply that the page has “fallen”, But the problem seems to be more serious for the hackers since the website they used to negotiate with the victims has also been closed.

Ransomware against Trump and Apple

Like other groups, REvil’s strategy focused on using ransomware to encrypt victims’ hard drives; they then display a message indicating how the user can pay the “ransom” and receive the encryption key to recover their data. In addition, the ransomware used by REvil also obtained a copy of the data, which they could sell to the highest bidder if their demands were not met.

This was the most recent REvil attack, which is considered to be the largest ransomware attack in history; the hackers managed to infect servers of the management company Kaseya, before they could be patched, which ended up affecting 1,500 businesses worldwide, between direct and outsourced customers.

But that wasn’t the first time REvil had aimed high. In May 2020, the group asked for no less than $42 million from the then president of the United States; They allegedly had information on Donald Trump after they managed to decrypt a terabyte of stolen data from the law firm Grubman Shire Meiselas & Sacks. According to an alleged member of the group, they found a buyer, but this has not been confirmed by independent sources.

This same year, REvil made headlines again, this time for having obtained secret documents from Apple, after hacking the servers of one of its suppliers. Among the files were detailed plans of new devices, such as the new iPad with an M1 processor, published hours before their official presentation to prove their veracity.

Putin could have closed the group

Like all hacker groups, REvil was shrouded in mystery, but the biggest one is its disappearance. There is no indication of what may have happened, or even if the group is still active. The main cybersecurity firms are not celebrating, and while they admit that it is rare that the entire infrastructure has disappeared, it is possible that the group has only paused its activity.

The only clue is found in a statement made a few days ago by the US president, Joe Biden, in which he stated that he had contacted Vladimir Putin to pressure him for the cyberattacks suffered by American companies. REvil operates from Russia and its members are mainly Russian speakers. However, the Russian government has not confirmed any type of operation against these hackers.