Blog Details

  • Home
  • Business Owners Must Familiarize Themselves With REvil
Trey Fox July 15, 2021 0 Comments

Business Owners Must Familiarize Themselves With “REvil”

Photo by Alex Chumak on Unsplash

Business personnel worldwide and across every sector imaginable could find themselves susceptible to cyber attacks.  Given the increased reliance on the digital environment due to continued technological advancement, attacks of this nature are becoming much more common.  Specifically, cyber attacks in the form of ransomware are continuing to increase.  

There are numerous global networks to contend with that launch these sorts of attacks, but one in particular—”REvil”—has made quite an impact for all the wrong reasons in recent memory.

What is “REvil?”

This group, which is known formally as “Sodinokibi,” is a Russian-based ransomware-as-a-service (RaaS) criminal organization.  It rose to power following the demise of a similar hacking network, “GandCrab.”  According to Fortune, part of REvil’s business operation includes selling hacking technologies to its clients so that they can launch ransomware attacks themselves.  In return, the criminal enterprise collects nearly 20% of the profits gained from the client’s ransom.


REvil has successfully extorted various high profile corporations.  Its ability to gain profit in the form of cryptocurrency has made it more difficult for authorities to track down the source of the attacks.  The hacking group received a ransom that equated to $ll million from one of the world’s largest food processing companies, JBS.  The company’s CEO, Andre Nogueira cited the difficulty of this decision but said it was necessary to prevent any risk to JBS’ customers.

In a recent attack prior to the Fourth of July, the hacking group launched a supply chain ransomware attack against a large IT management company known as Kaseya.  REvil infiltrated Kaseya’s software tool that services various businesses globally.  Wired explained that this could lead to many disastrous implications.  By infecting the company’s infrastructure tool, the damages could potentially trickle down to the numerous companies that rely on this now compromised tool.

How to resolve ransomware attacks

While ransomware attacks present many unfortunate consequences, there is a solution that will resolve such attacks.  Disaster recovery as a service (DRaaS) will successfully restore all of your compromised systems as if an attack never occurred.  It will save you time, lost work, money, and resources associated with building an infrastructure once devoted to preventing any future attacks.  Contact Dynamic Software Solutions for an assessment and to discover our affordable DRaaS rates.

Update: As of yesterday, July 14, REvil has gone offline. This action is considered inexplicable from the outside looking in. However, BBC’s Cyber Reporter, Joe Tidy, gained valuable insight from a hacker who claimed to be affiliated with the ransomware gang. The hacker claimed that, because the FBI eliminated elements of REvil’s site—and due to pressure from Russia’s government, the gang decided to shut down the entirety of its operation. He also warned that other hacker groups will rise and replace those that are removed from the equation.