Attribute Value Name REvil Aliases SodinokibiSodin Type Rnasomware Country of Origin Russia State Sponsored []Unknown [x] Unconfirmed [] Confirmed Active Since April 2019 Discovered by Cisco Talos Target Countries All countries except Syria, Commonwealth of Independent States (CIS), which includes Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine and Uzbekistan. Main targets are US, …
APT Name: REvil – Tactics, Techniques, Procedures Updates from Organization: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689 [Kaseya Ransomware Incident (groupsense.io)](https://www.groupsense.io/resources/keseya-ransomware-incident https://siliconangle.com/2021/07/07/victims-targeted-fake-updates-kaseya-allegedly-knew-exploited-vulnerability-april/ https://www.huntress.com/blog/a-recap-of-events-and-lessons-learned-during-the-kaseya-vsa-supply-chain-attack Ransomware: [x] Yes [ ] No Ransomware Negotiator: Not disclosed Ransomware Paid: 22nd July, 2021: Kaseya spokeswoman Dana Liedholm would not say Thursday how the key was obtained or whether a ransom was paid. She said only that it came …
