REvil was a Russia-based or Russian-speaking private ransomware-as-a-service (RaaS) operation. After an attack, REvil would threaten to publish the ...Read more

How can REvil ransomware attacks be prevented? The same cybersecurity methods and controls used to prevent other types of cybercrime and ransomware attacks ...Read more

Nov 27, 2025 — The REvil (also known as Sodinokibi) ransomware was used by the financially motivated GOLD SOUTHFIELD threat group, which distributes ...

REvil ransomware is a file blocking virus considered a serious threat that encrypts files after infection and discards a ransom request message.

Nov 18, 2025 — A malicious hotfix was released by Kaseya VSA servers resulting in the compromise and encryption of thousands of nodes at hundreds of ...

Aug 4, 2020 — REvil is a ransomware family that has been linked to the GOLD SOUTHFIELD group and operated as ransomware-as-a-service (RaaS) since at least ...Read more

Dec 20, 2021 — REvil, also known as Sodinokibi, had risen to notoriety for its high-profile attacks since its discovery in 2019. After being among the most active ransomware ...

Jul 6, 2021 — Ransomware cases worked by Unit 42 consultants in the first six months of 2021 reveal insights into the preferred tactics of REvil threat ...

Sep 29, 2022 — The REvil ransomware gang is back online after the January 2022 arrests of several its members by Russian authorities claiming to dismantle the group.Read more

Jul 13, 2021 — The REvil group has been blamed for cyber-attacks on hundreds of businesses worldwide.

Research By: Tom Fakterman. What is Sodinokibi RANSOMWARE? In April of 2019, the Cybereason Nocturnus team encountered and analyzed a new type of ransomware ...Read more

Nov 30, 2022 — Ransomware-as-a-Service (RaaS) operations are becoming more common and more profitable for threat actors looking to launch a variety of attacks.Read more

What was the REvil ransomware group? How did REvil ransomware attacks work? Major REvil Attacks: 3 Key Case Studies. Kaseya Supply Chain Attack (July 2021); JBS ...Read more

Dec 22, 2022 — Unlike the SolarWinds attack, the attackers' goal was monetary gain rather than cyber espionage. The attacks have been attributed to REvil, ...Read more

Nov 11, 2022 — Australian Federal Police Commissioner Reece Kershaw on Friday confirmed police believe the criminal group behind the recent Medibank cyber ...Read more

Aug 19, 2021 — Ransomware, first discovered by Cisco in April 2019. • Functional/technical similarities to GandCrab; likely at least some of same operators.Read more

Apr 22, 2021 — REvil is a criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence after the demise of the Gandcrab gang.

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our ...Read more

Jun 23, 2025 — Four members of the notorious cybercriminal group REvil were found guilty of financial fraud and computer crimes targeting primarily American victims, but were ..

The REvil (also known as Sodinokibi) ransomware operation has taken the spotlight in recent years. The Russian group operates by direct attacks, and also in ...