
Notorious Ransomware Attacks by REvil in 2021

Author: Threatcop Kratikal
Posted: Nov 11, 2021

REvil (Ransomware Evil), also known as Sodinokibi, is an infamous private ransomware-as-a-service (RaaS) group held responsible for several vicious ransomware attacks on organizations worldwide. According to an article by Dark Reading, REvil was the most common ransomware variant, responsible for 25% of ransomware attacks from January 2021 to July 2021.

This Russian-speaking cybercriminal group threatens to publish the stolen information on its page, Happy Blog, if targeted organizations do not pay the ransom after falling victim to its attacks. Here is a list of some of the most notorious ransomware attacks by REvil in 2021:

#1 Renewable Energy Company Invenergy

The Chicago-based clean energy company suffered a ransomware attack by REvil in June 2021. The multinational company launched an investigation as soon as unauthorized activity was detected on its systems.

On its dark website, REvil declared that it had successfully carried out a cyber attack on Invenergy and compromised its computer systems, exfiltrating four terabytes of data. The stolen data allegedly included project data and contracts.

What’s even more curious about this attack is that REvil further claimed to have obtained some very personal information about Michael Polsky, Invenergy’s chief executive officer. The gang revealed that it had accessed Michael Polsky’s personal emails, compromising photographs and sensitive details about his divorce from Maya, his first wife.

#2 Tech Giant Acer

The renowned Taiwanese electronics and computer maker Acer was hit by a major ransomware attack by REvil in March 2021. The hacking group demanded a ransom of a whopping $50 million!

The ransomware gang announced the breach on their data leak site by posting some images of the stolen files as proof. The leaked images consisted of some sensitive documents like financial spreadsheets, bank balances and bank communications. The hackers also offered a 20% discount if Acer made the payment before the deadline provided by REvil. The ransomware gang had promised to provide the company with a decryptor, the deletion of stolen files and a vulnerability report in return for the payment.

Acer never admitted to paying the ransom. However, in a statement, the organization said that companies like theirs are constantly attacked. Acer stated that they had reported any abnormal situations to the required data protection and law enforcement authorities.

#3 Software Provider Kaseya

In July 2021, the US-based software provider Kaseya suffered a disastrous ransomware attack by REvil. To launch the attack, REvil targeted a vulnerability (CVE-2021-30116) in one of Kaseya’s remote computer management tools called Kaseya VSA.

This infamous attack affected up to 2,000 organizations globally and its fallout lasted for weeks. After the attack, REvil operators boasted about it on the group’s "Happy Blog", saying that over a million devices were infected. They also stated that they would provide Kaseya with a universal decryption key for a ransom of $70 million in Bitcoin.

Counted among the farthest-reaching ransomware attacks to date, the Kaseya ransomware attack created problems for a broad array of public agencies and businesses.

The Swedish grocery chain Coop had to keep most of its 800 stores closed for an entire day since its cash register software supplier was out of service. Two big Dutch IT services companies, Hoppenbrouwer Techniek and VelzArt, were also affected, among many others.

Read More: https://threatcop.ai/blog/notorious-ransomware-attacks-by-revil-in-2021/

About the Author

ThreatCop is a cyberattack simulator and security awareness training tool to help employees combat phishing, vishing, smishing, cyber scam, ransomware, etc.
