REvil Sodinokibi Archives - Security Affairs

Pierluigi Paganini October 28, 2021

German investigators identify crypto millionaire behind REvil operations

German authorities have identified a Russian man named Nikolay K. who is suspected to be a prominent member of the REvil ransomware gang. REvil ransomware gang is one of the most successful ransomware operations, the group and its affiliated hit hundreds of organizations worldwide. On July 2, the gang hit the Kaseya cloud-based MSP platform impacting MSPs and their […]

Pierluigi Paganini June 29, 2021

Linux version of REvil ransomware targets ESXi VM

The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware operators are now using a Linux encryptor to encrypts Vmware ESXi virtual machines which are widely adopted by enterprises. The availability of the Linux encryptor was announced by the REvil gang in May, a circumstance […]

Pierluigi Paganini June 23, 2021

LV ransomware operators repurposed a REvil binary to launch a new RaaS

The LV ransomware operators repurposed a REvil binary to create their own strain and launch a ransomware-as-a-service (RaaS). A threat actor known as LV ransomware gang is trying to enter the cybercrime arena, it repurposed a REvil binary almost to create their own strain and launch a ransomware-as-a-service (RaaS). The Sodinokibi/REvil is one of the […]

Pierluigi Paganini March 20, 2021

REvil ransomware gang hacked Acer and is demanding a $50 million ransom

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. Acer is the world’s 6th-largest PC vendor by unit sales as of […]

Pierluigi Paganini November 19, 2020

REvil ransomware demands 500K ransom to Managed.com hosting provider

Managed web hosting provider Managed.com was hit with REvil ransomware that forced it to take down their servers and web hosting systems. Managed web hosting provider Managed.com was hit by a REvil ransomware attack over the weekend that took their servers and web hosting systems offline. At the time of writing this post, Managed.com hosting […]

Pierluigi Paganini August 16, 2020

Sodinokibi ransomware gang stole 1TB of data from Brown-Forman

Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. firm in the spirits and wine business. Sodinokibi (REvil) ransomware operators announced last week to have breached the network of the Brown-Forman, one of the largest U.S. firm in the spirits and wine business. Threat actors claim to have […]