REvil is back online after two months in the dark


After the widely publicized major supply chain attack of July 4th on IT software provider Kaseya, REvil is now back as the “Happy Blog” ransomware group. On September 7th, both the Tor payment/negotiation site and REvil’s Tor “Happy Blog” data leak site suddenly came back online.

REvil, also known as Sodinokibi, emerged as the fifth most commonly reported ransomware strain in Q1 2021, accounting for 4.60% of all submissions in the quarter, according to statistics compiled by Emsisoft.

REvil/Sodinokibi variants have been used by countless affiliates to extort money from companies as diverse as the now-defunct Travelex, Jack Daniel’s maker Brown-Forman and meat processing giant JBS. Last year REvil claimed a fortune of $100m from operations.

The question remains: is the ransomware gang REvil back, or are the servers being turned on by law enforcement?

But let’s not forget that “REvil” is short for “Ransomware-Evil.”

Don’t be the next victim of ransomware — CIT is one partner, total cybersecurity!

Corporate Information Technologies provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. Corporate Information Technologies can help organizations quantify, create, refine, and mitigate the risks presented by business-threatening disasters in whatever form they may be disguised.
