×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 23rd July

The notorious ransomware gang "REvil" (aka Sodinokibi) has vanished from the Internet without any explanation. The disappearance of REvil occurred around the same time that its representatives were banned from Russian-speaking cybercriminal forums and a group of REvil’s, “Prometheus”, removed all mentions of REvil from its site. The disappearance also came shortly after REvil took responsibility for a large-scale supply-chain attack via the software supplier Kaseya, which allegedly resulted in one million systems being encrypted. It is likely that this attack may have resulted in pressure from law enforcement and possibly arrests of affiliates. It is also possible that REvil may have received a substantial profit from recent campaigns and deliberately shut down operations. Whatever the reason for the group’s disappearance, this event is likely to impact the ransomware threat landscape. REvil was one of the first groups to utilize “double extortion” techniques and set the path many other ransomware groups followed. 

Previous Post
Weekly: CISA guidelines, Q2 Ransomware roundup, and PunkSpider’s back!
Weekly: CISA guidelines, Q2 Ransomware roundup, and PunkSpider’s back!

ShadowTalk hosts Sean, Alec, Rick, and Ivan bring you the latest in threat intelligence. They cover CISA gu...

Next Report
Impersonating Domains Report
Impersonating Domains Report

In this report, Digital Shadows’ Photon Team analyzed a data set of more than 175,000 impersonating domains...

×

Threat Intel Fan?

Sign up below to get our TI updates delivered to your inbox!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!