SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.revil (Back to overview)

REvil

aka: REvix

ELF version of win.revil targeting VMware ESXi hypervisors.

References
2022-09-28vmwareGiovanni Vigna
ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil
2022-08-22MicrosoftMicrosoft
Extortion Economics - Ransomware’s new business model
BlackCat Conti Hive REvil AgendaCrypt Black Basta BlackCat Brute Ratel C4 Cobalt Strike Conti Hive Mount Locker Nokoyawa Ransomware REvil Ryuk
2022-05-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-03-17Trend MicroTrend Micro Research
Navigating New Frontiers Trend Micro 2021 Annual Cybersecurity Report
REvil BazarBackdoor Buer IcedID QakBot REvil
2022-02-14DarktraceOakley Cox
Staying ahead of REvil’s Ransomware-as-a-Service business model
REvil REvil
2022-02-09vmwareVMWare
Exposing Malware in Linux-Based Multi-Cloud Environments
ACBackdoor BlackMatter DarkSide Erebus HelloKitty Kinsing PLEAD QNAPCrypt RansomEXX REvil Sysrv-hello TeamTNT Vermilion Strike Cobalt Strike
2022-01-27ANALYST1Jon DiMaggio
A History of Revil
REvil REvil
2022-01-14FSBFSB
Unlawful Activities of Members of an Organized Criminal Community were suppressed
REvil REvil
2022-01-14Advanced IntelligenceYelisey Boguslavskiy
Storm in "Safe Haven": Takeaways from Russian Authorities Takedown of REvil
REvil REvil
2021-12-20Trend MicroTrend Micro Research
Ransomware Spotlight: REvil
REvil REvil
2021-12-20YouTube (Malienist)Vishal Thakur
Revil Linux Ransomware: Revix
REvil
2021-12-07Vishal Thakur
Revix Linux Ransomware
REvil
2021-12-02AnkuraVishal Thakur
Revix Linux Ransomware
REvil
2021-11-17BBCJoe Tidy
Evil Corp: 'My hunt for the world's most wanted hackers'
REvil REvil
2021-11-16Trend MicroTrend Micro
Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels
REvil Clop Gandcrab REvil
2021-11-10RT on the RussianAleksey Polyakov, Alena Goinskaya, Ekaterina Suslova, Elizaveta Koroleva
"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime
REvil REvil
2021-11-08DIICOT (Romanian Directorate for Investigating Organized Crime and Terrorism)DIICOT (Romanian Directorate for Investigating Organized Crime and Terrorism)
Press release 2 08.11.2021
REvil REvil
2021-11-08Department of JusticeDepartment of Justice
Indictment of Yaroslav Vasinskyi (REvil affiliate)
REvil REvil
2021-11-08KrebsOnSecurityBrian Krebs
REvil Ransom Arrest, $6M Seizure, and $10M Reward
REvil REvil
2021-11-08The RecordCatalin Cimpanu
US arrests and charges Ukrainian man for Kaseya ransomware attack
REvil REvil
2021-11-08FBIFBI
WANTED poster for Yevhgyeniy Polyanin (REvil affiliate)
REvil REvil
2021-11-08Department of JusticeDepartment of Justice
Ukrainian Arrested and Charged with Ransomware Attack on Kaseya
REvil REvil
2021-11-08Department of JusticeDepartment of Justice
Indictment of Yevgeniy Polyanin, one off the REvil affliates
REvil REvil
2021-11-08U.S. Department of the TreasuryU.S. Department of the Treasury
Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments
REvil REvil
2021-11-08U.S. Department of the TreasuryU.S. Department of the Treasury
Treasury Continues to Counter Ransomware as Part of Whole-of-Government Effort; Sanctions Ransomware Operators and Virtual Currency Exchange (Yaroslav Vasinskyi & Yevgeniy Polyanin)
REvil REvil
2021-10-28BR.DEHakan Tanriverdi, Maximilian Zierer
Mutmaßlicher Ransomware-Millionär identifiziert
REvil REvil
2021-10-26IntezerTwitter (IntezerLabs)
Tweet on Linux version of REvil ransomware
REvil
2021-10-25KELAVictoria Kivilevich
Will the REvil Story Finally be Over?
REvil REvil
2021-10-22DarkowlDarkowl
“Page Not Found”: REvil Darknet Services Offline After Attack Last Weekend
REvil REvil
2021-10-22ReutersChristopher Bing, Joseph Menn
EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline
REvil REvil
2021-10-18FlashpointFlashpoint
REvil Disappears Again: ‘Something Is Rotten in the State of Ransomware’
REvil REvil
2021-10-17Bleeping ComputerLawrence Abrams
REvil ransomware shuts down again after Tor sites were hijacked
REvil REvil
2021-10-12CrowdStrikeCrowdStrike Intelligence Team
ECX: Big Game Hunting on the Rise Following a Notable Reduction in Activity
Babuk BlackMatter DarkSide REvil Avaddon Babuk BlackMatter DarkSide LockBit Mailto REvil
2021-10-11AccentureAccenture Cyber Threat Intelligence
Moving Left of the Ransomware Boom
REvil Cobalt Strike MimiKatz RagnarLocker REvil
2021-09-29FlashpointFlashpoint
Russian hacker Q&A: An Interview With REvil-Affiliated Ransomware Contractor
REvil REvil
2021-09-22SecureworksCounter Threat Unit ResearchTeam
REvil Ransomware Reemerges After Shutdown; Universal Decryptor Released
REvil REvil
2021-09-14CrowdStrikeCrowdStrike Intelligence Team
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil
2021-08-30CrowdStrikeMichael Dawson
Hypervisor Jackpotting, Part 2: eCrime Actors Increase Targeting of ESXi Servers with Ransomware
Babuk HelloKitty REvil
2021-07-28Digital ShadowsPhoton Research Team
REvil: Analysis of Competing Hypotheses
REvil REvil
2021-07-19EllipticElliptic
REvil Revealed - Tracking a Ransomware Negotiation and Payment
REvil REvil
2021-07-13Threat PostLisa Vaas
Ransomware Giant REvil’s Sites Disappear
REvil REvil
2021-07-05Github (f0wl)Marius Genheimer
REvil Linux Configuration Extractor
REvil
2021-07-04CISAUS-CERT
CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-07-03Cybleinccybleinc
Uncensored Interview with REvil / Sodinokibi Ransomware Operators
REvil REvil
2021-07-01DomainToolsChad Anderson
The Most Prolific Ransomware Families: A Defenders Guide
REvil Conti Egregor Maze REvil
2021-07-01AT&T CybersecurityFernando Martinez, Ofer Caspi
REvil’s new Linux version
REvil REvil
2021-07-01ThreatpostTom Spring
Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices
REvil
2021-06-29Twitter (@VK_intel)Vitali Kremez
Tweet on Linux version of REvil ransomware
REvil
2021-06-29YouTube (C. Beek)Christiaan Beek
Demo of REvil/Sodinokibi Linux variant encrypting a Linux system
REvil
2021-06-28Twitter (@AdamTheAnalyst)AdamTheAnalyst
Tweet on suspected REvil exfiltration (over RClone FTP) server
REvil REvil
2021-06-28AT&TAlienVault
REvil ransomware Linux version (with YARA rule)
REvil
2021-06-28Twitter (@VK_intel)Vitali Kremez
Tweet on ELF version of REvil
REvil

There is no Yara-Signature yet.