A seasoned ransomware threat researcher has warned against taking any of the chatter around the disappearance of the Windows REvil ransomware group for a second time seriously, given that the forums on which these posts are heavily monitored.
Brett Callow, who works with the New Zealand-headquartered security outfit Emsisoft, told iTWire: "Everybody knows the forums are monitored, and that includes the crims. The information they post is likely to be complete bollocks intended to mislead anybody who may be trying to work out what they’re actually up to. Law enforcement, for example."
The website Bleeping Computer, which is something of a specialist operation as far as ransomware is concerned, said the shutdown had taken place after someone hijacked the group's Tor payment leak portal and data leak blog on the dark web. read more here