REvil Cyber Criminal Gang is Back With New DDoS Attacks

  • By Patrick Ryan
  • May 31, 2022

REvil, one of the most feared cyber gangs in the history of the internet, appears to have returned. The hacking collective is back on the scene with new DDoS attacks.

Who is REvil Targeting?

Individuals who insist they are the remaining members of REvil’s ransomware team are adamant they are zeroing in on Akamai. To be more specific, the hackers state they are primarily targeting Akamai’s clients, though the scope of the attacks will likely expand as time progresses. If you have not yet updated your digital protections, now is the time to do so.

When did the Attacks Begin?

Digital security specialists have analyzed the attacks launched by the supposed REvil hacking collective in recent months. The most significant of them, the DDoS attack, was launched on May 12. The digital security team learned of the potential problem when a client made them aware of the threat. The attack turned out to come from a group allegedly tied to REvil.

The timing of the May DDoS attack is interesting, as it comes nearly one year after the original REvil went dark. The initial incarnation of REvil halted operations in the summer of 2021 after successful attacks against the likes of JBS Foods, Kaseya and Apple. Affiliates of the cyber gang were subsequently arrested in November of 2021.

What Types of Attacks are Being Used?

REvil is using a Layer 7 attack. The attack is primarily focused on obtaining an extortion payment in the form of a crypto ransom. REvil has mainly requested Bitcoin in its attacks. REvil is also taking credit for a DDoS campaign. DDoS is an acronym commonly used in tech circles to refer to a distributed denial-of-service attack.

The attacks have zeroed in on specific websites with waves of HTTP/2 GET requests sent over and over, using cache-busting techniques. This approach is designed to overpower the website’s defenses. Furthermore, the attack’s requests are advanced to the point that they have built-in payment demands and a digital wallet used for bitcoin, and even include additional demands related to politics, business, finances, and more.
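A detection sketch for the pattern described above, added here as an example and not taken from the article or from Akamai: it flags paths where nearly every GET carries a different query string (a cache-busting signature) and requests whose URL embeds a Bitcoin-address-shaped token. The log record layout, the thresholds, the placeholder wallet and the assumption that the demand text travels in the request URL are all constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote

# Constructed placeholder shaped like a Base58 Bitcoin address; not a real wallet.
WALLET = "1FakeAddressForTesting" + "X" * 11

# Constructed access-log records: (client_ip, method, url).
SAMPLE_LOG = (
    [(f"198.51.100.{i % 4}", "GET", f"/index.html?cb={i * 7919}&note=pay-{WALLET}")
     for i in range(30)]
    + [("203.0.113.5", "GET", "/static/app.js?v=3")] * 25
    + [("203.0.113.9", "GET", "/about")] * 3
)

# Heuristic shapes only: legacy Base58 (1.../3...) or bech32 (bc1...) addresses.
BTC_RE = re.compile(r"\b(?:bc1[a-z0-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")


def find_cache_busting(records, min_requests=20, min_unique_ratio=0.9):
    """Return {path: (requests, unique_queries)} for paths where almost
    every GET has a distinct query string, defeating the edge cache."""
    total = defaultdict(int)
    queries = defaultdict(set)
    for _ip, method, url in records:
        if method != "GET":
            continue
        parts = urlsplit(url)
        total[parts.path] += 1
        queries[parts.path].add(parts.query)
    flagged = {}
    for path, count in total.items():
        unique = len(queries[path])
        # Volume floor avoids flagging rarely requested pages.
        if count >= min_requests and unique / count >= min_unique_ratio:
            flagged[path] = (count, unique)
    return flagged


def find_wallet_strings(records):
    """Return URLs that embed a Bitcoin-address-shaped token (assumes the
    extortion text is carried in the request URL)."""
    return [url for _ip, _method, url in records if BTC_RE.search(unquote(url))]


if __name__ == "__main__":
    print(find_cache_busting(SAMPLE_LOG))
    print(len(find_wallet_strings(SAMPLE_LOG)), "requests carry a wallet-shaped token")
```

The versioned static asset (`?v=3`) is requested often but with one query string, so it is not flagged; only the path hit with a fresh query on every request is.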

Is REvil Really Behind the Attack?

Though the supposed remnants of the REvil ransomware group insist they represent the collective, no one is sure whether they are legitimate. Digital security researchers who have delved into the matter believe the attack might not be REvil. Rather, the online attack could be conducted by a similar group or one looking to shift attention away from itself.

It is interesting to note that the previous hackers in the REvil collective were not political. However, the renewed REvil has a political agenda, making it appear that the two groups might be separate and distinct. The initial REvil hackers were strictly motivated by monetary gain instead of social or political justice. The political component of the recent attack is likely tied to a legal ruling pertaining to the group’s business model. There is also the potential that the new hackers have nothing to do with REvil and are simply using the defunct group’s name to intimidate targets.
