REvil Springs Back to Life and Hits a Fortune 500 Company

REvil Springs Back to Life and Hits a Fortune 500 CompanyThe previously-thought defunct cybercriminal gang appears to not only reopened for business but has re-established themselves as a major threat by touting 400GBs of stolen data.

Normally when a ransomware gang shuts down, we tend to assume they’re just going dark to reinvent themselves as a new group. And when the gang is arrested and their assets confiscated, one assumes they’re gone for good. But in the case of REvil, it appears that they are back for more… and are, unfortunately, off to a maliciously good start.

According to a recent twitter post from vx-underground, REvil is claiming responsibility for an attack of Midea Group, a $50 billion electrical manufacturer:


One of the screenshots captured by vx-underground shows a total of 373GBs of data stolen from Midea Group, putting this organization at risk of reputation damage, intellectual property theft, and more.

Historically, REvil has leveraged vulnerabilities, RDP, and phishing as initial attack vectors, making it imperative that organizations perform vulnerability management scans, lock down (or eliminate entirely) RDP, and implement security awareness training to reduce the risk of phishing attacks being successful.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews