REvil back online

Russia-linked ransomware group REvil, which mysteriously disappeared from the web in July is now back online. Its infrastructure – the Tor payment/negotiation site and the Tor data leak site ‘Happy Blog’ – started functioning on 7 September. It is still unclear if the servers were turned on by the group itself. Theories about why REvil disappeared range from: its public representative disappearing, prompting the gang to panic and turn off servers; to they simply took a break.