REvil is Responsible for a Major Part of Ransomware Assaults in Q2 2021

McAfee, a computer security company, just released its October 2021 Advanced Threat Research Report. Statistics on ransomware attacks discovered by the organization in the second quarter of this year are one of the topics covered. RansomeXX, Ryuk, Netwalker, Thanos, MountLocker, WastedLocker, Exorcist, Conti, Maze, and REvil were the top ten ransomware organizations in terms of detections.

REvil notoriously targeted IT management platform Kaseya, as well as many other firms, throughout the summer, demanding $70 million for the decryption key to open victims’ files. According to McAfee’s data, REvil’s Sodinokibi ransomware payload was responsible for 73 % of ransomware detections in Q2 2021, out of the top ten groups. Governments were the most common target, according to McAfee’s research, followed by telecommunications, power, and media.

Eventually, security organizations distributed free decryption keys to the public to restore computers that had been compromised by previous REvil assaults. However, it was discovered that the FBI could have assisted the distribution of the keys earlier than it did. REvil has reappeared after a brief hiatus and resumed ransomware attacks. REvil also leases out its ransomware to other parties looking to carry out assaults, however, it appears that they have also employed security holes in their software to capture the ransoms paid by their clients.