Is REvil really gone? Lots of speculation, no confirmation of anything yet.
The “Happy Blog” leak site belonging to the Sodinokibi threat actors known as “REvil” (“Are Evil”) is offline, and their spokesperson “Unknown” has been silent for a few days. Lawrence Abrams of Bleeping Computer says all of REvil’s sites are down, including the payment site.
So have they folded? REvil’s “Unknown” consistently said they would keep going, as there can never be too much money. But did a recent article loudly connecting the dots of decoder[.]re to Russia increase pressure on Russia to do something about them? Or did President Biden’s conversation with Putin after the Kaseya attack have any effect?
And if REvil is offline because of pressure on Russia, is it only temporary?
Or could the U.S. have knocked REvil offline through some private-government collaboration? We never did find out exactly what happened to DarkSide’s servers, did we?
This is a developing story…
Update 1: “Unknown” is banned by the admin on XSS.is.