18 Jan 2022

Russia arrests REvil ransomware gang members at request of US officials

14 members of the REvil ransomware group have been arrested by the Russian government. A joint effort between the Federal Security Service of the Russian Federation and the Ministry of Internal Affairs of Russia led to the arrest of the members of the cybercrime group. Several assets were seized in

Read More
14 Jan 2022

Today, Putin Sends Cybercrime Crackdown Signal to U.S.; Unattributed Cyber Attack on Ukrainian Government Sites

More than any of the mixed signals of the high-level meetings between the U.S. and Russia, two cyberwar developments today are far more clear indicators of the direction of the Ukrainian conflict playing out between NATO, Putin, and the U.S. 

Read More
01 Nov 2021

Suspected REvil Gang Insider Identified

German investigators identified a Russian billionaire who authorities suspect of being a core member of the notorious REvil ransomware gang. This individual is allegedly very flashy and tends to spend large amounts of money. The man goes by “Nikolay K” on social media. German police hope that he will leave

Read More
27 Oct 2021

Groove Calls for Cyberattacks on US as REvil Payback

Editor’s note: Groove was later determined to be a very unaccomplished bad actor playing a prank. (See: groove prank). Recently, international law enforcement joined together in an effort to dismantle the infrastructure belonging to the notorious REvil ransomware group. Following the operation, another cybercrime group called Groove called for revenge

Read More
22 Oct 2021

Government Agents Compromise REvil Backups to Force Group Offline

US authorities have allegedly forced the REvil ransomware group online in the latest offensive against ransomware. However, experts have warned that the move could lead to repercussions for former breach victims. Former officials and cybersecurity experts confirmed that an international law enforcement operation was responsible for taking down REvil’s data

Read More
19 Oct 2021

REvil ransomware operators claim group is ending activity again, victim leak blog now offline

The REvil ransomware group has claimed that the gang is disbanding after the group suffered from loss of vital infrastructure and internal disputes. The notorious ransomware gang has claimed to be done with the cybercrime industry before, announcing their departure in July after the devastating Kaseya attack that affected hundreds

Read More
16 Sep 2021

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

Bitdefender collaborated with law enforcement to create a key that would release data encrypted in ransomware attacks before the REvil ransomware gang disappeared from the internet on July 13. The universal decryption key will be free for victims of REvil ransomware attacks. The firm announced that it will be passing

Read More
29 Jul 2021

BlackMatter & Haron, Evil Ransomware Newborns or Rebirths

According to researchers, disappeared ransomware groups DarkSide and REvil have simply rebranded as Haron and BlackMatter. The two ransomware groups took down their leak sites and forums, going dark over the past several months. However, researchers claim that Haron and BlackMatter contain many of the hallmarks of the formerly active

Read More
26 Jul 2021

Kaseya Obtains Universal Decryptor for REvil Ransomware

Reports have emerged that Kaseya has obtained a master decryptor key to mitigate the effects of a REvil ransomware attack that disrupted and locked up the systems of at least 60 of its customers. It is unclear if the ransom demand was paid to access the decryption key. Kaseya stated

Read More
06 Jul 2021

REvil Group Demands $70 Million for ‘Universal Decryptor’

REvil, the group behind the damaging supply chain ransomware attack on a US software company Kaseya, has reportedly demanded $70 million in return for a universal decryption key. Researchers claim that there could be as many as 1,500 companies impacted globally. It is unclear which ransomware affiliate was used to

Read More