Last month the notorious REvil ransomware gang pulled an abrupt disappearing act that could have left its victims with no way to recover their data. As it turns out, many of those victims can now get ...

Not REvil’s victims, though. They’re now stuck, many midway through negotiations, without the decryption key they need to unfreeze their data and their businesses. As far as REvil’s disappearance went ...

A massive chain reaction on Friday infected at least hundreds and likely thousands of businesses worldwide with ransomware, including a railway, pharmacy chain, and hundreds of storefronts of Sweden's ...

REvil ransomware’s servers in the TOR network are back up after months of inactivity and are now redirecting to a new operation that launched recently. It is unclear who is behind the new ...

the endless drumbeat of high-profile ransomware attacks continued this week, but Google's Threat Analysis Group also raised awareness of tricky “pass-the-cookie” attacks that hackers have used in ...

A newly discovered backdoor and double chats could have enabled REvil ransomware-as-a-service operators to hijack victim cases and snatch affiliates’ cuts of ransom payments. There’s no honor amongst ...

The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks. In October ...

REvil is an ambitious hacking group that extorts tens of millions from victims. REvil is likely Russia-based and linked to a ransomware strain used to attack healthcare firms. The group's solely ...

Infamous ransomware gang REvil is reportedly shutting down again after getting hacked itself. REVil, also known as Sodinokibi, first appeared in May 2019 and since that time has been a prolific ...

JBS was one of REvil's most high-profile victims. REvil has now disappeared, however. (Photo Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images) The hacking crew behind damaging ...