+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

What you need to know about REvil - the hacking group that extorted hundreds of companies - in one minute or less

Jul 9, 2021, 21:55 IST
Business Insider
The hacking group REvil has launched ransomware attacks against hundreds of companies. Chris Collins/Getty Images
  • REvil is an ambitious hacking group that extorts tens of millions from victims.
  • REvil is likely Russia-based and linked to a ransomware strain used to attack healthcare firms.
  • The group's solely financial motivations can make it more dangerous than other hacking groups.
Advertisement

REvil, one of the most notorious and ambitious hacking groups today, has launched attacks against hundreds of companies worldwide, often demanding and receiving millions from its victims, according to CyberScoop.

Most recently, it targeted software provider Kaseya VSA, which passed the malware on to hundreds of its users, and forced JBS, the world's largest meat processor, to pay a $11 million ransom to regain control of its operations. Here's what you should know about them:

Who they are

REvil is likely a Russia-based ransomware group, as its code is written to bypass computers that use Russian. This is a common strategy to avoid running afoul of local authorities, according to NBC.

When REvil emerged

REvil's creators are linked to the architects of GandCrab ransomware, which was first used in 2018 primarily to attack healthcare firms, according to Fortune. One of the first signs of REvil was a 2019 attack that struck 22 Texas towns and demanded a collective ransom of $2.5 million, as reported by ZDNet.

What REvil wants

The group's only motivation is extorting money from its victims, making it more dangerous than nation-state hacking groups, which might be less willing to attack targets such as hospitals, cybersecurity research Jack Cable told Fortune.

How REvil works

REvil sells its technology to other hackers in exchange for a 20% cut of the ransomware payment elicited by the third-party groups, Fortune reported. The group also threatens to release data and information from the companies it targets on the dark web if companies don't comply.

Advertisement

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article