From the early hours of Tuesday ( July 13th,2021) most of the ransomware websites owned by REvil ransomware spreading gang have disappeared from the dark web and security researchers from Kaspersky say that the websites might be down because of a disruption caused by a cyber attack launched by a cyber unit operating under the regime of US President Joe Biden.
It is not clear yet on whether the websites are down because of some technical issue or have been wiped out on a permanent note. But most of the regular visitors to some notorious websites have been greeted with the message that says “A server with the specified host name could not be found”.
REvil aka Sodinokibi is linked to Russian intelligence as NSA and FBI have released a joint statement last year saying that the operations conducted by the said ransomware gang were being funded by Russian Intelligence.
Although, the National Security Council has denied commenting on the issue, a source from the fed says that the Joe Biden government could have ordered a bunch of security engineers to take down the computer systems that were launching ransomware attacks and so the result was that most of the REvil affiliated websites have disappeared from the web.
John Hultquist from Mandiant Threat Intelligence and Detection solutions felt it looks like a planned outage as 83% of websites linked to REvil ransomware-as-a-service were down and it seems like the US law enforcement has concurrently taken down the entire infrastructure all at a time.
More details are awaited!