REvil

URI: https://gptkb.org/entity/REvil

GPTKB entity

Predicate	Object
gptkbp:instanceOf	ransomware group
gptkbp:affiliatedWith	cybercriminal affiliates
gptkbp:alsoKnownAs	gptkb:Sodinokibi
gptkbp:associatedWith	gptkb:DarkSide
gptkbp:demandedRansomIn	gptkb:cryptocurrency
gptkbp:exploits	gptkb:Kaseya_VSA_zero-day
gptkbp:firstAppearance	April 2019
https://www.w3.org/2000/01/rdf-schema#label	REvil
gptkbp:infrastructureSeizedBy	gptkb:law_enforcement
gptkbp:language	gptkb:Russian
gptkbp:membersArrestedBy	gptkb:Russian_authorities
gptkbp:notoriousAttack	gptkb:Kaseya_VSA_supply_chain_attack gptkb:JBS_Foods_ransomware_attack
gptkbp:operates	ransomware-as-a-service
gptkbp:publishedStolenDataOn	dark web leak sites
gptkbp:ransomDemanded	$70 million (Kaseya attack)
gptkbp:reappeared	2022
gptkbp:shutDown	October 2021
gptkbp:suspectedOrigin	gptkb:Russia
gptkbp:target	businesses healthcare organizations government organizations critical infrastructure global organizations
gptkbp:technique	double extortion
gptkbp:usesMalware	malware
gptkbp:bfsParent	gptkb:malware
gptkbp:bfsLayer	4