Revil

Ransomware Group Profile

Overview

The Sodinokibi ransomware group, also known as REvil (Ransomware Evil), operates under a ransomware-as-a-service (RaaS) model. After compromising a victim, the group threatens to publish the victim's sensitive data on its darknet blog, named 'Happy Blog', unless the ransom is paid. The ransomware code used by REvil is very similar to the ransomware code used by DarkSide, a different threat actor. The REvil group claims to have stolen information in a successful attack on a supplier of the tech giant Apple, taking confidential schematics of their upcoming products.

Dark Web Infrastructure (10)
Associated Threat Actors (2)
Activity Timeline
First Seen: 2022
Last Seen: 2024
Leak Sites: 10