Russia says it knows nothing about the digital disappearance of the infamous ransomware group REvil. This is reported by the Russian news agency Tass.
According to Tass, the Kremlin does not know whether the disappearance has anything to do with recent talks between Russian President Putin and his American counterpart Biden on the subject. Biden says Russia should do more against Russian cybercriminals who attack American companies.
The infamous group was behind the major ransomware attack a week and a half ago, in which hundreds of companies were attacked. Meat processor JBS was also attacked by the group.
One possible scenario is that Russia has succumbed to mounting pressure and taken the cybercrime group offline.
Another possibility is that the ground became too hot for the criminals themselves, says security researcher Frank Groenewegen of Deloitte. “For example, because they noticed that governments or researchers were in their systems, and they panicked,” says Groenewegen. The group could then reappear under a different name.
A final possibility is that the infrastructure has been taken offline by the US government. “But usually the authorities do come out with that,” says Groenewegen. That has not happened yet.
What is certain is that all known infrastructure of the group has disappeared: from the public website where victims who did not pay were pilloried, to the website where victims could maintain contact with the attackers about, among other things, payment. Payments are also no longer possible. That would also make it impossible for recent victims to regain access to their systems.