REvil (Ransomware Evil, also known as Sodinokibi) is a private ransomware-as-a-service (RaaS) operation. After an attack, REvil would threaten to publish the information on their page 'Happy Blog' unless the ransom is received.


Incidents Associated with this Threat

  • July 2, 2021: Supply Chain Attack Guidance Released
  • July 2, 2021: Sweden’s Largest Supermarket Chain Closes Stores in Ransomware Attack
  • April 20, 2021: REvil Extorts Apple in Supply Chain Attack
  • March 23, 2021: REvil Demands $50Million Ransomware from Acer Electronics
  • January 21, 2020: German Automotive Parts Manufacturer Hit by Sodinokibi/REvil Ransomware Group

Malware Used by this Threat Actor

No malware identified for this threat actor.

Pin It on Pinterest

Scroll to Top
Scroll to Top