Government downs notorious REvil hackers' payment portal and data leak blog

The Pip Boy from the Fallout series being the benevolent hacker he is
(Image credit: Bethesda)

This article was updated on 22 October 2021 after new information surfaced.

Rampant hacker group REvil—known for using ransomware to extort companies for millions and selling data on the dark web when it doesn't get its way—has gone silent after finally receiving some penance, it would seem. 

According to reports (via TechCrunch), the group's Tor payment portal and data leak blog have been hijacked, leaving the group crippled and platformless.

A recent post from one threat actor associated with REvil, 0_neday, notes the attack not only took down 'Happy Blog,' it also deleted the path to the Tor service config files, replacing it with a malicious one to catch out the miscreants.

REvil had been gaining heat from the US government over its misconduct for some time before the blackout. Not long ago, the group targeted Acer, attempting to extort the company for approximately $100 million, and the group's backlog of victims doesn't stop there.

Apple supplier Quanta Computer and thousands of organisations using Kaseya IT management solutions have also been affected by REvil's wrongdoings.

Update

We originally speculated about exactly who targeted the hackers, but new information has surfaced as to the culprit. Turns out it was a takedown from the FBI itself, with the help of "Cyber Command, the Secret Service and other like-minded countries," as Reuters reports.

The Washington Post noted a while back that the US government had managed to obtain a decryption key, one that could've shut the group down back in September. However, they decided to hold off for whatever reason, only to notice the Happy Blog went offline of its own volition.

That only lasted a while before the group resurfaced, though. So the big-wigs decided to execute a takedown, after all.

Bleeping Computer says other whispers had suggested a mutiny was underway, with a former group member who didn't join the resurfacing potentially staging a takeover, but that idea has since been debunked.

Either way, it's a win for the tech industry and the cyber-conscious. Let's hope that's the last we see of them. And as always, let this be a warning to keep your cybersecurity knowledge up to scratch. Hackers are all around us, and they don't often let up easy.

Katie Wickens