After the breach of Kaseya and thousands of clients downstream from it by REvil ransomware, the perpetrators disappeared abruptly but Kaseya appears to have received a decryption key nearly three weeks into the attack.
REvil ransomware gang, implicated in the high-profile attacks on JBS and Kaseya, seems to have very suddenly disappeared from the internet. The group has even closed up pages advertising its services on the dark web.
Acer reportedly suffered a REvil ransomware attack. The threat actors posted some files as proof and demanded the highest recorded ransom payment of $50 million in Monero.
REvil Ransomware operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to recruit hackers to work as affiliates earning 70-80% commission.
Cyber criminals behind REvil ransomware are auctioning off stolen data to the highest bidder, hinting at changing tactics and possibly the economic impact of COVID-19 on cybersecurity.