REvil Is Down, Not Out

On July 13, 2021, following the recent high-profile ransomware attack on Kaseya, the systems, network, and hosting infrastructure of the Russian ransomware extortionist threat group “REvil” (aka “Sodinokibi” or “Sodin”) mysteriously went offline, with no parting words from REvil admins and no law enforcement agency claiming a successful takedown. On the same day, the cybercriminal forum XSS formally banned REvil’s primary spokesperson, who uses the alias “Unknown.”

July 14, 2021