
REvil ransomware group’s Tor sites shut down after being hijacked

On the 17th of October 2021, the Tor sites of the REvil ransomware gang went offline after an unknown person hijacked the gang's Tor onion domains using the same private keys as REvil's Tor sites; that person may have backups of the sites. One of the threat actors, “0_neday”, who is affiliated with the REvil operation, confirmed on the XSS hacking forum that someone had hijacked the ransomware gang's domains.

“But since we have today at 17.10 from 12:00 Moscow time, someone brought up the hidden-services of a landing and a blog with the same keys as ours, my fears were confirmed. The third party has backups with onion service keys,” – ‘0_neday’.

Due to the unusual activity they had seen, the ransomware gang decided to shut down their operations. A matter of hours after the gang's original post, they confirmed that their server had been compromised and that whoever did it was targeting the ransomware gang.
