
Note that REvil is the group behind the Colonial Pipeline hack that took down gas supplies down the eastern seaboard earlier this year. They were taken offline by (presumably) the U.S. intelligence services shortly after that hack.

It's interesting that a.) they're back and b.) a secret backdoor that allows REvil to override their affiliates and restore access themselves is found shortly afterwards. Particularly since REvil, in the immediate aftermath of Colonial Pipeline, before they were shut down, sent out a message to their affiliates forbidding any attacks on governments or critical infrastructure. An alternative explanation is that they cut a deal with the CIA where they are allowed to continue to operate in exchange for instituting a backdoor and handing over the keys to major Western governments, such that if they hit any "politically embarrassing" targets, the government can override the affiliate and restore operations.

Keep your friends close and your enemies closer. It's often smarter to co-opt an adversary than it is to shut them down entirely.




>> An alternative explanation is that they cut a deal with the CIA where they are allowed to continue to operate in exchange for instituting a backdoor

CIA would demand a cut of the revenue as well. It should be appalling that anyone would think this is a possibility, but sadly I do not put anything past US Federal Agencies anymore.


Love this take



