REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout

REvil, a sophisticated Russian-speaking ransomware group, frequently works with affiliates who provide them with access to networks—and negotiate with victims on REvil’s behalf—for a cut of the ransom. REvil affiliates can collect up to 70 percent of the ransom payment while REvil operators collect the rest. This is how REvil has historically operated its ransomware-as-a-service model.

Default Author Image
September 28, 2021