REvil Ransomware Returns And Continues To Attack And Leak Data

Guess who’s back in town?

After wildly exploiting the zero-day Kaseya vulnerability in July of this year, and demanding $50 million for a universal decryptor (not forgetting $5 million for an MSP’s decryption, and a ‘mere’ $44,999 for individual file encryption), REvil completely disappeared off the grid that same month.

Last week, the REvil gang made their comeback. Infrastructure is back up, ransomware operations have returned, and renewed attacks are evident in the form of screenshots of stolen data published on their data leak site.

There is much speculation around the reasons for their “summer break”, yet our attention is better focused on bolstering our networks, strengthening our defenses and ensuring we have the best practices in place.

Read more about REvil’s comeback and have your Network Admins and Security Professionals familiarize themselves with the group’s tactics and techniques: https://unit42.paloaltonetworks.com/revil-threat-actors/
