The Week in Ransomware – September 10th 2021 – REvil returns

This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability.

Their July attack affected over 1,500 businesses and drew the full attention of international law enforcement and the White House, who demanded that Russia do something about these attacks.

Also Read: Invasion Of Privacy Elements And Its Legal Laws To Comply

Soon after, REvil shut down all of its servers and mysteriously disappeared.

That is until this week when REvil’s servers started back up, and a new sample of their ransomware was spotted on VirusTotal.

It is still too soon to tell if the ransomware gang is fully operational, but we will likely see new attacks shortly.

In other news, a report was released this week outlining what a ransomware gang’s ideal target is for attacks, and the Ragnar Locker gang threatened to automatically release stolen data if victims contact negotiators or law enforcement.

Also Read: 5 Best Practices About Information Retention For Businesses

Contributors and those who provided new ransomware information and stories this week include: @BleepinComputer, @malwareforme, @malwrhunterteam, @VK_Intel, @fwosar, @serghei, @struppigel, @LawrenceAbrams, @PolarToffee, @FourOctets, @Seifreed, @jorntvdw, @DanielGallagher, @demonslay335, @Ionut_Ilascu, @AdvIntel, @y_advintel, @McAfee_Business, @Glacius_, @Intel471Inc, @PogoWasRight, @ddd1ms, @JakubKroustek, @Libranalysis, @John_Fokker, @cPeterr, @fbgwls245, and @pcrisk.