Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2022/05/10 1:2 p.m.24 views

New REvil Samples Indicate Ransomware Gang is Back After Months of Inactivity

The notorious ransomware operation known as REvil aka Sodin or Sodinokibi has resumed after six months of inactivity, an analysis of new ransomware samples has revealed. "Analysis of these samples indicates that the developer has access to REvil's source code, reinforcing the likelihood that the...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/12 9:5 p.m.65 views

REvil Group Claims Slew of Ransomware Attacks

The REvil ransomware threat group is on a cyberattack tear, claiming over the past two weeks to have infected nine organizations across Africa, Europe, Mexico and the U.S. The organizations include two law firms, an insurance company, an architectural firm, a construction company and an...

0.1AI score
Exploits0References12
Krebs on Security
Krebs on Security
added 2019/07/15 3:58 p.m.55 views

Is ‘REvil’ the New GandCrab Ransomware?

The cybercriminals behind the GandCrab ransomware-as-a-service RaaS offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead...

7.1AI score
Exploits0
Securelist
Securelist
added 2019/07/03 10:0 a.m.362 views

Sodin ransomware exploits Windows vulnerability and processor architecture

When Sodin also known as Sodinokibi and REvil appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers. In a detailed analysis, we discovered that it also exploits the...

7.2CVSS0.3AI score0.69833EPSS
Exploits9
Rows per page
Query Builder