The United States has dealt a heavy blow to the activities of the hacker group REvil. The FBI, helped by Cyber Command, the secret services and the police were able to enter the hackers’ servers and disconnect them, reports Reuters, relayed by 01net.
The operation took place in mid-October. One of the members of Revil, baptized “0_neday” echoed it in a forum dedicated to hackers. “The servers are compromised and they are after me,” the hacker wrote. ” Good luck to everyone. “
The sprinkler watered
REvil had been silent since July. After a final large-scale attack, the FBI managed to provide ransomware victims with a universal decryption key. In September, the group resumed its activities but without “Unknown”, leader and spokesperson for the hackers. It is “0_neday” which restarted the infrastructures by relying on backups.
Problem: these had been compromised by the authorities themselves. “Ironically, the gang’s preferred tactic of compromising backups backfired,” commented Oleg Skulkin, deputy director at Group-IB. The participation of Cyber Command military forces was crucial in the success of this operation.
“We stop taking gloves”
“Before, you couldn’t hack these forums, and the military didn’t want anything to do with it,” Attorney General John Carlin told Reuters last June. “But now, we stop using gloves. Some attacks affect the national security of the United States, such as the hack of Colonial Pipelines last May, which led to the blockage of its pipelines.
The FBI and the White House National Security Council spokesperson declined to comment on the cyber operation. But a source quoted by Reuters indicates that the intervention of the American authorities, which made it possible to penetrate the IT architecture of REvil, could be done thanks to the help of a foreign partner.
–
/nginx/o/2021/10/07/14122201t1h4f5f.jpg?resize=150%2C150&ssl=1)
