It remains to be seen if this “re-emergence” of REvil consists of old members with the same tenacity or a copycat group lifting off the old name and parts of the infrastructure
REvil, one of the deadliest ransomware groups/gangs, made its presence felt in India earlier this year through an attack on Oil India. The company's computers were locked after the ransomware attack at its headquarters in Duliajan, Assam. When Oil India refused to negotiate with the hackers, the company's stolen data was leaked.
REvil has made a resurgence recently, with attacks on Chinese electrical appliance manufacturer Midea Group and Kaseya.
“It remains to be seen if this ‘re-emergence’ of REvil consists of old members with the same tenacity or a copycat group lifting off the old name and parts of the infrastructure. Nevertheless, we do detect a new, steady stream of REvil binaries, and it looks like the victims are getting larger, showing the group is gaining traction. Re-emergence or not, it has caught our attention and we are closely monitoring the situation and tracking what REvil is up to.” – John Fokker, Principal Engineer at Trellix and Head of Cyber Investigations for Trellix Threat Labs.