{"id":37624,"date":"2021-07-13T18:37:28","date_gmt":"2021-07-14T01:37:28","guid":{"rendered":"https:\/\/lapost.us\/?p=37624"},"modified":"2021-07-13T18:37:28","modified_gmt":"2021-07-14T01:37:28","slug":"russian-hacking-group-believed-to-be-behind-kaseya-attack-goes-offline","status":"publish","type":"post","link":"https:\/\/lapost.us\/?p=37624","title":{"rendered":"Russian hacking group believed to be behind Kaseya attack goes offline"},"content":{"rendered":"<p>Websites on the dark web used by a criminal hacking group believed to be behind the recent massive ransomware attack on software company Kaseya went offline Tuesday.<\/p>\n<p>The hacking group, REvil, is believed to be based in Russia, and has been linked by the FBI to the ransomware attack in May on JBS USA, the nation\u2019s largest beef producer. The more recent attack on Kaseya impacted up to 1,500 companies, many of them small businesses.<\/p>\n<p>According to\u00a0<a href=\"https:\/\/click1.email.thehill.com\/ayysrvbzlmmncvcmnyhllnsslbngmbmwwplzvtgmkdmmlk_ucwhnnwqwshfqfqhqnnp.html\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/click1.email.thehill.com\/ayysrvbzlmmncvcmnyhllnsslbngmbmwwplzvtgmkdmmlk_ucwhnnwqwshfqfqhqnnp.html&amp;source=gmail&amp;ust=1626310617225000&amp;usg=AFQjCNES_EvP7mUcQsuiFvsqq1GSkvLNHQ\">The New York Times<\/a>, the websites on the dark web used by REvil to negotiate payment with victims and lists of companies it had targeted went dark early on Tuesday morning.<\/p>\n<p>John Hultquist, the vice president of Analysis at cybersecurity group FireEye\u2019s Mandiant Threat Intelligence, confirmed the takedown, saying in a statement provided to The Hill Tuesday that \u201cat the time of analysis all known websites associated with the REvil ransomware RaaS are offline or non-responsive.\u201d<\/p>\n<p>It is unclear what caused the hacking group to go dark. The developments come less than a week after\u00a0President Biden\u00a0called Russian President\u00a0Vladimir Putin\u00a0and strongly urged him to take further action against ransomware groups based in Russia.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Websites on the dark web used&#46;&#46;&#46;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,12],"tags":[],"class_list":["post-37624","post","type-post","status-publish","format-standard","hentry","category-business","category-science-tech"],"_links":{"self":[{"href":"https:\/\/lapost.us\/index.php?rest_route=\/wp\/v2\/posts\/37624","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lapost.us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lapost.us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lapost.us\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lapost.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37624"}],"version-history":[{"count":1,"href":"https:\/\/lapost.us\/index.php?rest_route=\/wp\/v2\/posts\/37624\/revisions"}],"predecessor-version":[{"id":37625,"href":"https:\/\/lapost.us\/index.php?rest_route=\/wp\/v2\/posts\/37624\/revisions\/37625"}],"wp:attachment":[{"href":"https:\/\/lapost.us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37624"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lapost.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37624"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lapost.us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37624"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}