@kompr: REvil FAQ

Repost from: Kompromat 2.0 in English

REvil FAQ

Regarding REvil — we do not know anything about REvil that probably isn't already known.

1. «Who they are?» An alleged Russian-based Threat Actor. Some rumor it to be a fork of Egregor/Maze?
2. «How many of them are there?» We do not know.
3. «How do they work (choose targets for attack)?» We do not know. Some are probably the works of their affiliate program though.
4. «How are they connected to Russian government/intelligence officials?» We do not know.

Please expand on #3: what kind of affiliate program are they running?

They used to advertise fairly often on various forums, most notably https://t.co/GxRPAxCmYl. However, I believe they were banned from https://t.co/GxRPAxCmYl (or ransomware discussions in general were). They looked for ‘pentesters’. The summary is if someone breached a company and successfully executed their ransomware — REvil would negotiate with the company & give the affiliate a percentage of the ransom.


  • The primary source of the information and the basis for the facts, arguments and other data set out in this publication is the Telegram channel.