REvil ransomware operators claim group is ending activity again, victim leak blog now offline
The REvil ransomware group has claimed that the gang is disbanding after the group suffered from loss of vital infrastructure and internal disputes. The notorious ransomware gang has claimed to be done with the cybercrime industry before, announcing their departure in July after the devastating Kaseya attack that affected hundreds of organizations across the world. REvil is one of the most prolific ransomware gangs currently in operation and has attacked hundreds of companies and organizations over the past several years.
According to reports from Recorded Future, REvil ransomware operators stated that an unknown entity took control of the group’s Tor payment portal and data leak website. One member, referred to as Unknown, was one of two members of the gang who had access to REvil’s domain keys. Unknown reportedly disappeared in July, and other members of the group subsequently believed he had died. The group initially shut down its operations but resumed its criminal activity in September. After the July Kaseya attack, the group attracted intense scrutiny from law enforcement agencies.