The notorious cybercriminal group REvil was hacked. The operation was conducted by the FBI in cooperation with international agencies and led to the deletion of the site from the dark web. 

REvil, one of the most notorious and dangerous ransomware groups, seems to have suddenly shut down. It is a collective, ransomware-as-a-service (RaaS): i.e. they offer the malware service to affiliates in exchange for sharing the ransom.

REvil has sometimes been described as a Russian-based, sometimes Russian-speaking group, often aligned with Moscow interests.

REvil's palmares include attacks such as those against Quanta Computer, Apple's supplier, with the publication of some details of the brand new MacBook Pro 2021 (in April). 

Or attacks against critical infrastructures in the United States, such as the maxi-colonial pipeline (in May). Or, finally, like those against the supply chain of Kaseya, a US company whose products include a very popular business management software (in July).

It is precisely this last offensive that is said to have unlocked the situation, thanks to which the FBI was able to obtain the 'master password' that unlocks all computers affected by REvil ransomware without paying a ransom. Initially, the password was not shared with Kaseya to avoid compromising the investigation, but the situation was unlocked at the end of July.

Thus, the FBI, in cooperation with other national agencies, was able to get its hands on REvil's heart, putting an end to his activities.

A group leadership figure known as '0_neday', who helped restart the group's operations after a previous arrest, initially claimed that REvil's servers had been hacked by someone anonymous.

"The server was compromised and they were looking for me," 0_neday wrote on the group's blog last weekend. "Good luck everyone, I'm out of here."

All this demonstrates that with the right protection and united towards the common goal of a safer Internet, cybercriminals can be thwarted, at any level.

Unfortunately, you can't always hope that it will be the local authorities who will get you out of these situations. Most of the time, when an attack comes against your company, you are on your own.

This is why it is important to prevent and insure against cyber attacks.


Subscribe to the Cyberblog and download the free guide

In our guide you will learn how to secure a small or medium-sized business, from an IT point of view, and how to protect yourself from attacks on the internet.

Related items

Cyber Risk - An Understanding Guide for Small and Medium Enterprises (SMEs)

Cyber Risk - A Guide to Understanding for Small and Medium-sized Enterprises (SMEs)

In the digital age, IT security is not a luxury but a necessity for companies of all sizes. Small and medium-sized enterprises (SMEs)...
Let's save our planet, together!

Let's save our planet, together!

Hello everyone! I am excited to share with you some great news about Cyberangels, which demonstrates the company's ongoing commitment to the fight against climate change....
Disinformation and Cybersecurity: the digital challenges of modern business

Disinformation and Cybersecurity: the digital challenges of modern business

Today's digital world is more connected than ever before, offering countless benefits to companies. However, with this connection comes new challenges and threats. Two of the...

Your company finally protected and secure.

We offer protection and insurance tailored to your company and your level of risk.
Registration free of charge.

Contact us for more information

Your report is in process

Report processing can take up to 30 minutes.


As soon as it is ready, you will receive it conveniently in your email box.


You may now close this page.


Thank you! 

We have received your request

We are preparing your report. As soon as it is finished, you will receive it conveniently in your email box.