REvil ransomware – what you need to know

What is REvil?

REvil is an ambitious criminal ransomware-as-a-service (RaaS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang, GandCrab.

The REvil group is also sometimes known by other names, such as Sodin and Sodinokibi.

There’s been plenty of ransomware before. What makes REvil so special?

REvil has gained a reputation for attempting to extort far larger payments from its corporate victims than those typically seen in other attacks. It is actively promoted on underground cybercrime forums as the best choice for attacking business networks, where there is more money to be made than from infecting the computers of home users.

Aside from the many high-profile companies and organisations that have fallen foul of REvil, the group stands out for stealing data from the computers and networks of its victims before they are encrypted. This technique of applying additional pressure on victims is becoming more and more commonplace.

REvil threatens to release stolen data by auctioning it off on its website (anachronistically called the “Happy Blog”) if ransom demands are not met.

The “Happy Blog” lists recent victims of REvil, attaching a sample of the stolen data as proof that information has been exfiltrated from an organisation. The REvil gang even offers a “trial” decryption to prove to the victim that their files can be decrypted.

A countdown timer indicates when data leaks will be made public, applying more pressure to companies debating how they should respond.

Hello – some of your fil ..
