Created: 2022-07-24
Tags: #fleeting
REvil (a.k.a. Sodinokibi) is a ransomware-as-a-service (RaaS) operation, meaning it offers pay-for-use malware.
Coveware (a company that specializes in ransomware recovery) has seen incidents where victims who had already paid were re-extorted by REvil a few weeks later with threats to release the same data. Some failed to keep their promises, publishing the data of victims who chose to pay or showing fake evidence of data deletion.
The REvil representative said that the group is looking into adopting other techniques, such as launching DDoS attacks to force the hand of organizations that suspend negotiations.
After breaking in, hackers use a variety of tools and techniques to