The story of REvil: From origin to beyond. [Research Saturday]
From CyberWire Daily
Length: 32 minutes
Released: Mar 12, 2022
Format: Podcast episode
Description
Guest Jon DiMaggio, Chief Security Strategist at Analyst1, joins Dave Bittner to discuss his team's research, "A History of REvil," which chronicles the rise and fall of REvil. The REvil gang is an organized criminal enterprise based primarily out of Russia that runs a Ransomware as a Service (RaaS) operation. The core members of the gang reside and operate out of Russia. REvil leverages hackers for hire, known as affiliates, to conduct the breach, steal victim data, delete backups, and infect victim systems with ransomware for a share of the profits. Affiliates come primarily from eastern Europe, though a small percentage operate outside that region. In return, the core gang maintains and provides the ransomware payload, hosts the victim data leak/auction site, facilitates victim communication and payment services, and distributes the decryption key. In simpler terms, the core gang is the service provider and persona behind the operation, while the affiliates are the hired muscle facilitating attacks. Jon walks us through the team's findings and details REvil's story.
The research can be found here:
A History of REvil