
Russian ransomware group's dark web sites mysteriously go down

Dark web sites tied to the Russia-based cyber gang REvil were not operating on Tuesday, just two weeks after the group launched a large-scale ransomware campaign that affected more than 1,500 companies around the world, according to CNBC.

Why it matters: It's unclear whether the sites — which REvil uses to facilitate its ransom negotiations — are down because of a technical problem, a law enforcement operation, or some other explanation. The group's public spokesperson has also been silent on message boards since last week, according to Politico.


  • President Biden called Russian President Vladimir Putin on Friday to demand that he crack down on cyber gangs operating in Russia.
  • He warned that the U.S. would take action to "defend its people" against ransomware attacks, and suggested that could include taking the hackers' servers offline.

Flashback: DarkSide, another Russia-based hacking group, ceased operations after it shut down the Colonial Pipeline during a ransomware operation, leading to widespread gas shortages in the U.S. for several days.

  • The Department of Justice later announced that U.S. investigators gained access to the infrastructure DarkSide used to carry out its extortion operations and recovered part of the ransomware payment the pipeline gave the group to regain access to its computers.

Yes, but: Security experts have said that cyber criminal groups sometimes disband and return under different names, so it can't currently be determined whether the disruption to REvil's websites is permanent.

The big picture: The full extent of REvil's most recent ransomware operation is still unknown.

  • The group was responsible for several other prominent ransomware attempts, including one that forced major meat supplier JBS to briefly shut down its beef plants across the U.S.
  • REvil at one point was demanding $70 million to restore data it held for ransom in the July 4 weekend operation that targeted Kaseya software, though it's currently unknown how many companies made ransom payments.

Go deeper: Assessing the size of the Kaseya ransomware attack
