ELF version of win.revil targeting VMware ESXi hypervisors.
2022-09-28
⋅
VMware
⋅
ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1) Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil |
2022-08-22
⋅
Microsoft
⋅
Extortion Economics - Ransomware’s new business model BlackCat Conti Hive REvil AgendaCrypt Black Basta BlackCat Brute Ratel C4 Cobalt Strike Conti Hive Mount Locker Nokoyawa Ransomware REvil Ryuk |
2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
2022-03-17
⋅
Trend Micro
⋅
Navigating New Frontiers Trend Micro 2021 Annual Cybersecurity Report REvil BazarBackdoor Buer IcedID QakBot REvil |
2022-02-14
⋅
Darktrace
⋅
Staying ahead of REvil’s Ransomware-as-a-Service business model REvil REvil |
2022-02-09
⋅
VMware
⋅
Exposing Malware in Linux-Based Multi-Cloud Environments ACBackdoor BlackMatter DarkSide Erebus HelloKitty Kinsing PLEAD QNAPCrypt RansomEXX REvil Sysrv-hello TeamTNT Vermilion Strike Cobalt Strike |
2022-01-27
⋅
ANALYST1
⋅
A History of Revil REvil REvil |
2022-01-14
⋅
FSB
⋅
Unlawful Activities of Members of an Organized Criminal Community were suppressed REvil REvil |
2022-01-14
⋅
Advanced Intelligence
⋅
Storm in "Safe Haven": Takeaways from Russian Authorities Takedown of REvil REvil REvil |
2021-12-20
⋅
Trend Micro
⋅
Ransomware Spotlight: REvil REvil REvil |
2021-12-20
⋅
YouTube (Malienist)
⋅
Revil Linux Ransomware: Revix REvil |
2021-12-07
⋅
Revix Linux Ransomware REvil |
2021-12-02
⋅
Ankura
⋅
Revix Linux Ransomware REvil |
2021-11-17
⋅
BBC
⋅
Evil Corp: 'My hunt for the world's most wanted hackers' REvil REvil |
2021-11-16
⋅
Trend Micro
⋅
Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels REvil Clop Gandcrab REvil |
2021-11-10
⋅
RT on the Russian
⋅
"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime REvil REvil |
2021-11-08
⋅
DIICOT (Romanian Directorate for Investigating Organized Crime and Terrorism)
⋅
Press release 2 08.11.2021 REvil REvil |
2021-11-08
⋅
Department of Justice
⋅
Indictment of Yaroslav Vasinskyi (REvil affiliate) REvil REvil |
2021-11-08
⋅
KrebsOnSecurity
⋅
REvil Ransom Arrest, $6M Seizure, and $10M Reward REvil REvil |
2021-11-08
⋅
The Record
⋅
US arrests and charges Ukrainian man for Kaseya ransomware attack REvil REvil |
2021-11-08
⋅
FBI
⋅
WANTED poster for Yevhgyeniy Polyanin (REvil affiliate) REvil REvil |
2021-11-08
⋅
Department of Justice
⋅
Ukrainian Arrested and Charged with Ransomware Attack on Kaseya REvil REvil |
2021-11-08
⋅
Department of Justice
⋅
Indictment of Yevgeniy Polyanin, one of the REvil affiliates REvil REvil |
2021-11-08
⋅
U.S. Department of the Treasury
⋅
Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments REvil REvil |
2021-11-08
⋅
U.S. Department of the Treasury
⋅
Treasury Continues to Counter Ransomware as Part of Whole-of-Government Effort; Sanctions Ransomware Operators and Virtual Currency Exchange (Yaroslav Vasinskyi & Yevgeniy Polyanin) REvil REvil |
2021-10-28
⋅
BR.DE
⋅
Suspected Ransomware Millionaire Identified REvil REvil |
2021-10-26
⋅
Intezer
⋅
Tweet on Linux version of REvil ransomware REvil |
2021-10-25
⋅
KELA
⋅
Will the REvil Story Finally be Over? REvil REvil |
2021-10-22
⋅
Darkowl
⋅
“Page Not Found”: REvil Darknet Services Offline After Attack Last Weekend REvil REvil |
2021-10-22
⋅
Reuters
⋅
EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline REvil REvil |
2021-10-18
⋅
Flashpoint
⋅
REvil Disappears Again: ‘Something Is Rotten in the State of Ransomware’ REvil REvil |
2021-10-17
⋅
Bleeping Computer
⋅
REvil ransomware shuts down again after Tor sites were hijacked REvil REvil |
2021-10-12
⋅
CrowdStrike
⋅
ECX: Big Game Hunting on the Rise Following a Notable Reduction in Activity Babuk BlackMatter DarkSide REvil Avaddon Babuk BlackMatter DarkSide LockBit Mailto REvil |
2021-10-11
⋅
Accenture
⋅
Moving Left of the Ransomware Boom REvil Cobalt Strike MimiKatz RagnarLocker REvil |
2021-09-29
⋅
Flashpoint
⋅
Russian hacker Q&A: An Interview With REvil-Affiliated Ransomware Contractor REvil REvil |
2021-09-22
⋅
Secureworks
⋅
REvil Ransomware Reemerges After Shutdown; Universal Decryptor Released REvil REvil |
2021-09-14
⋅
CrowdStrike
⋅
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil |
2021-08-30
⋅
CrowdStrike
⋅
Hypervisor Jackpotting, Part 2: eCrime Actors Increase Targeting of ESXi Servers with Ransomware Babuk HelloKitty REvil |
2021-07-28
⋅
Digital Shadows
⋅
REvil: Analysis of Competing Hypotheses REvil REvil |
2021-07-19
⋅
Elliptic
⋅
REvil Revealed - Tracking a Ransomware Negotiation and Payment REvil REvil |
2021-07-13
⋅
Threatpost
⋅
Ransomware Giant REvil’s Sites Disappear REvil REvil |
2021-07-05
⋅
Github (f0wl)
⋅
REvil Linux Configuration Extractor REvil |
2021-07-04
⋅
CISA
⋅
CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack REvil REvil |
2021-07-03
⋅
Cybleinc
⋅
Uncensored Interview with REvil / Sodinokibi Ransomware Operators REvil REvil |
2021-07-01
⋅
DomainTools
⋅
The Most Prolific Ransomware Families: A Defenders Guide REvil Conti Egregor Maze REvil |
2021-07-01
⋅
AT&T Cybersecurity
⋅
REvil’s new Linux version REvil REvil |
2021-07-01
⋅
Threatpost
⋅
Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices REvil |
2021-06-29
⋅
Twitter (@VK_intel)
⋅
Tweet on Linux version of REvil ransomware REvil |
2021-06-29
⋅
YouTube (C. Beek)
⋅
Demo of REvil/Sodinokibi Linux variant encrypting a Linux system REvil |
2021-06-28
⋅
Twitter (@AdamTheAnalyst)
⋅
Tweet on suspected REvil exfiltration (over RClone FTP) server REvil REvil |
2021-06-28
⋅
AT&T
⋅
REvil ransomware Linux version (with YARA rule) REvil |
2021-06-28
⋅
Twitter (@VK_intel)
⋅
Tweet on ELF version of REvil REvil |
There is no Yara-Signature yet.