Russian-based ransomware group ‘REvil’ disappears after hitting US businesses
Group vanishes off dark web after Biden demands Russia take action
Sign up for the daily Inside Washington email for exclusive US coverage and analysis sent to your inbox
Get our free Inside Washington email
A ransomware operation thought to be one of the largest of such groups based in Russia vanished on Tuesday, weeks after taking credit for a major cyberattack on the US meat industry.
The New York Times reported that dark web pages purporting to belong to the group known as “REvil” were offline, including areas that boasted of the group’s successful operations, while pages used by victims to communicate with hackers to re-obtain access to stolen data were also gone. A cause could be identified immediately.
The news comes just days after White House press secretary Jen Psaki made it clear during a news conference that the US would take action against the groups if Russia did not.
President Joe Biden also confirmed to reporters on Friday that he would direct US Cyber Command to take down the servers hosting such groups if Russia failed to act.
Such a warning was also delivered to Russia’s President Vladimir Putin during a summit between the two leaders in Geneva, Mr Biden added.
“I made it very clear to him that the United States expects, when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” the president said.
REvil was the ransomware group thought to be responsible for attacks on US businesses over the past several months including JBS, a Brazil-based meat producer that was forced to shut down operations at more than a dozen US-based cattle slaughterhouses in June.
The Independent has reached out to the White House and US Cyber Command for comment on the disappearance of the group on Tuesday.
Ransomware has become a major problem for US-based businesses, law enforcement groups, government agencies and other entities over the past several years, with recent US targets including the Washington, D.C. police department and the Colonial Pipeline Company.
The attack on Colonial’s systems caused a temporary gas shortage along the US eastern seaboard that was heavily exacerbated by panic-buying, and the group thought to be responsible disappeared a few weeks later, announcing the end of its operations.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies