|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:acceptsPaymentMethod
|
gptkb:Bitcoin
gptkb:Monero
|
|
gptkbp:activeYearsStart
|
2019
|
|
gptkbp:alsoKnownAs
|
gptkb:Sodinokibi
|
|
gptkbp:associatedWith
|
DarkSide group
|
|
gptkbp:countryOfOrigin
|
gptkb:Russia
|
|
gptkbp:disbanded
|
2022
|
|
gptkbp:extortionMethod
|
double extortion (data theft and encryption)
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
REvil group
|
|
gptkbp:language
|
gptkb:Russian
|
|
gptkbp:malwareDistributed
|
gptkb:Sodinokibi_ransomware
|
|
gptkbp:membersArrestedBy
|
gptkb:Russian_Federal_Security_Service_(FSB)
|
|
gptkbp:notableBattle
|
gptkb:JBS_Foods_ransomware_attack
Kaseya ransomware attack
|
|
gptkbp:notableEvent
|
final shutdown in 2022
re-emerged after shutdown in 2021
servers seized by law enforcement in 2021
|
|
gptkbp:notableFor
|
ransomware attacks
|
|
gptkbp:notableVictim
|
gptkb:Kaseya
gptkb:JBS_Foods
gptkb:Travelex
|
|
gptkbp:operationalModel
|
affiliate-based
|
|
gptkbp:ransomDemanded
|
gptkb:cryptocurrency
|
|
gptkbp:ransomwareType
|
Ransomware-as-a-Service (RaaS)
|
|
gptkbp:target
|
gptkb:government_agency
businesses
healthcare organizations
critical infrastructure
|
|
gptkbp:websiteTakenDownBy
|
gptkb:law_enforcement
|
|
gptkbp:bfsParent
|
gptkb:Sodinokibi_ransomware
|
|
gptkbp:bfsLayer
|
7
|