REvil ransomware returns: New malware sample confirms gang is back

Lawrence Abrams reports:

The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks.

In October, the REvil ransomware gang shut down after a law enforcement operation hijacked their Tor servers, followed by arrests of members by Russian law enforcement.


A sample of the new ransomware operation’s encryptor was finally discovered this week by AVAST researcher Jakub Kroustek and has confirmed the new operation’s ties to REvil.

Read more at BleepingComputer.

About the author: Dissent
