According to three private sector cyber experts working with US authorities and one former official,
Former partners and associates of the headedRussian-led criminal gangs are responsible for a cyberattack on the Colonial Pipeline in May that led to widespread gas shortages on the US East Coast. Also among the direct victims of REvil – largest meat producer JBS. Website “Happy Blog” criminal group, which was used to leak victims' data and extort companies, is no longer available.
In the attack on Colonial, officials said.used encryption software called DarkSide, which was developed by the group REvil. VMWare's head of cybersecurity strategy, Tom Kellermann, said law enforcement and intelligence officials prevented other companies from falling prey to the gang.
</ img>
The leader of the group, known as “0_neday”, who helped restart the group after a previous shutdown, said that REvil's servers were hacked by an unnamed party.
“The server was hacked and they were looking for me”, – posted by 0_neday on a cybercrime forum last weekend. “Good luck to everyone; I'm leaving”.
Attempts by the US government to stop REvil, oneof the worst of dozens of ransomware gangs that, along with hackers, infiltrate and paralyze companies around the world, have intensified since the group hacked into US software management company Kaseya in July.
This hack opened access to hundreds of Kaseya customers at once, leading to numerous emergency calls to respond to cyber incidents.
Source: Reuters
</ p>