The REvil encryptor stopped working again – all operations were stopped, as an unknown person hacked the group’s website, through which hackers accepted payments from victims and “leaked” data stolen from companies. Bleeping Computer reports that all Tor sites of the group have been disabled, and a representative of REvil posted a message on the… Continue reading REvil ransomware stopped working again, now after hacking sites
Tag: REvil operators
Ukrainian cyber police arrested ransomware operators who “earned” $150 million
Ukrainian Cyber Police have arrested two operators of an unnamed ransomware. It is reported that the operation was carried out jointly by the Ukrainian and French police, the FBI, Europol and Interpol. The suspects are believed to have been involved in attacks on 100 North American and European companies, “earning” in this way over $… Continue reading Ukrainian cyber police arrested ransomware operators who “earned” $150 million
Hack group REvil deceived their partners due to a backdoor
The researchers found that the creators of REvil deceived their partners using a scheme that allowed them to decrypt any systems blocked by the ransomware and take the entire ransom for themselves. Their partners ended up with nothing. Let me remind you that REvil (aka Sodinokibi) has existed since 2019 and is considered to be… Continue reading Hack group REvil deceived their partners due to a backdoor
Added utility for decrypting data after REvil attacks
The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However, the company has so far refused to provide any details, citing an ongoing investigation. Let me remind you that on July 13 of this year… Continue reading Added utility for decrypting data after REvil attacks
REvil ransomware resumed attacks
Last week, the infrastructure of REvil (Sodinokibi) returned online after months of downtime, and now the ransomware has resumed attacks. The fact is that in July 2021, the hack group went offline without giving any reason. Then it was a question of shutting down an entire network of conventional and darknet sites that were used… Continue reading REvil ransomware resumed attacks
REvil operators are blackmailing Apple
Media reported that REvil ransomware operators are blackmailing Apple and demand a ransom. Otherwise, they threaten to arrange a leak of company’s confidential information. The hackers claim to have obtained data on Apple products after the Taiwanese company Quanta Computer was hacked. It is the world’s largest laptop manufacturer and also one of the few… Continue reading REvil operators are blackmailing Apple