REvil — sometimes referred to as Sodinokibi — is a ransomware family that first appeared in April 2019 and is thought to be a rebrand of the GandCrab ransomware. The group has been attributed to high-profile attacks, such as those committed against JBS Foods and Kaseya in 2021. Although several members of the group were arrested in January 2022, that does not appear to have deterred the remaining members. After halting all public activity in October 2021, REvil appears to have resumed operations in April 2022. ZeroFox Intelligence has shared their latest observations and assessments in this Flash Report.

core/paragraph

<p>REvil — sometimes referred to as Sodinokibi — is a ransomware family that first appeared in April 2019 and is thought to be a rebrand of the GandCrab ransomware. The group has been attributed to high-profile attacks, such as those committed against JBS Foods and Kaseya in 2021. Although several members of the group were arrested in January 2022, that does not appear to have deterred the remaining members. After halting all public activity in October 2021, REvil appears to have resumed operations in April 2022. ZeroFox Intelligence has shared their latest observations and assessments in this Flash Report.</p>

FLASH REPORT: New REvil Version Identified

Download the Report