Video On Demand
REvil: A Prolific Ransomware as a Service
Josh Reynolds
Bex Hartley
  • Multiple Speakers
  • Josh Reynolds
  • Bex Hartley
Runtime: 27:27
REvil (also known as Sodinokibi) ransomware is a ransomware-as-a-service (RaaS) operation conducted by PINCHY SPIDER. REvil has been distributed since April 2019, closely following the "official" end-of-operation announcement for GandCrab ransomware. GandCrab is known to be the predecessor of REvil, with RaaS affiliates distributing REvil to any vertical that is likely to pay the ransom using various tactics, techniques and procedures. Many of the current affiliates strictly perform big game hunting (BGH) operations with ransoms in the millions of dollars against large organizations, and it is not common to see REvil being widely distributed to end users.

Please provide your feedback and be entered to win $300 on items from the CrowdStrike Swag Store! Winner will be contacted via email.

Related Videos

Research & Threat Intelligence Priority Intelligence Requirements: Your Key to Working Smarter with More Impact
Thomas Schmitt AB-InBev 38:41
Research & Threat Intelligence LEAD Framework: Revamping Threat Intelligence
Filip Stojkovski Adobe 29:59