(also REvil, Ransomware Evil, Sodinokibi)
A virus that encrypts the victim’s files and holds them hostage until a ransom is paid. REvil was ransomware-as-a-service (RaaS), meaning that the malware was rented to other hackers by its developers for a cut of the profits.
Allegedly, this highly successful ransomware-as-a-service operation was based in Russia and dismantled by the state authorities in early 2022. While this did reduce the frequency of REvil ransomware incidents across the globe, the attacks have not disappeared entirely. Security experts now believe that the hackers arrested were merely affiliates.
April 2021: REvil stole secret Apple design plans from Quanta Computer, threatening to release them publicly unless a $50 million ransom was paid.
May 2021: REvil ransomware disrupted JBS S.A. beef, poultry, and pork plant operations, forcing the company to pay $11 million in Bitcoin to resume production.