REvil, one of the most notorious ransomware gangs, is back after its servers went offline two months ago.
REvil is a gang of hackers, believed to be operating from Russia, that specializes in ransomware attacks. The group was behind the Kaseya attack, the biggest ransomware in history.
Two months ago REvil went dark, with their servers going offline. Even their “leak site” went down. While servers for ransomware gangs often go down, as we pointed out then, it’s unusual for all of them to go down at once. Some experts believed the gang may have shut down operations in response to increased pressure after the Kaseya attack.
Despite the seeming good news, experts warned organizations not to become complacent, and that REvil’s operators would likely show up somewhere, one way or another.
According to security researchers, it appears that’s exactly what’s happened, as the group’s servers are once again active on the Dark Web.
The revelation is bad news for organizations around the world, and underscores the importance of continued vigilance.