A blog and a paysite of the ransomware gang has been taken off the net, according to analysts. The REvil group is said to be behind the major Kaseya attacks that have brought down hundreds of companies in recent weeks.
Ransomware distributed via the Kaseya VSA management software has been able to infect and encrypt the computer systems of hundreds of companies in recent weeks. REvil, the likely Russian ransomware gang behind the attack, asked $70 million to make a universal decryption tool public.
However, it now appears that some of the sites the group uses to communicate have been taken off the web. It concerns a blog and a site where you can pay until recently found via the Tor network. It’s not clear why the sites disappeared, but action by government agencies cannot be ruled out.
US President Joe Biden, among others, has spoken out about cybercrime in recent weeks and is said to have urged stricter action against ransomware coming from the country in a telephone conversation with Russian President Putin.