REvil, the group responsible for the Kaseya attack in July that affected thousands of companies, appears to have come partially back online. The group had been completely dark since July 13, but its "Happy Blog" and other sites are back online.
- REvil has been responsible for over 360 ransomware attacks so far in 2021.
- The group provides victims with features like a help desk, a negotiation panel, and a payment site that helps facilitate payment and the release of their files.
- The group's Kaseya attack sparked a meeting between U.S. President Joe Biden and Russian President Vladimir Putin over Russian-based ransomware groups.
- Both U.S. and Russian officials denied involvement in REvil's recent disappearance.
- Analysts had expected REvil to return with a different name and different ransomware. One told ZDNet that if this is really the same group, they didn't buy themselves much distance from law enforcement by coming back now.