DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

REvil ransomware’s servers reappear without fanfare or explanation

Posted on September 8, 2021 by Dissent

Brett Callow of Emsisoft broke the unpleasant news on Twitter last night — REvil’s dedicated leak site, “The Happy Blog,” which had disappeared after the Kaseya supply chain attack, had reappeared at its old onion address.

Unfortunately, the Happy Blog is back online #REvil pic.twitter.com/vMr9qTOht2

— Brett Callow (@BrettCallow) September 7, 2021

There were no new listings since their unannounced sudden disappearance in July — at least not yet — but the news  predictably generated some buzz and speculation, as the Sodinokibi operators had presumably been collaborating with DarkSide and other threat actors these days.  Lawrence Abrams of BleepingComputer raises the possibility that the server may have been turned back on by law enforcement.

Eventually, we will find out more. REvil’s “Unknown” has not been shy about issuing press releases or talking to reporters, so we may learn more soon.

Related posts:

  • Some Kaseya victims privately negotiating with REvil
  • Sodinokibi/REvil Ransomware Defendant Extradited to United States and Arraigned in Texas
  • Before you leave for the holiday weekend, if you haven’t left already…
  • A 2020 Data Breach That Continues To Remain An Unsolved Mystery
Category: Commentaries and AnalysesMalware

Post navigation

← Texas Right to Life website exposed job applicants’ resumes
Ukrainian Cyber Criminal Extradited For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.