

126: REvil
80 snips Oct 18, 2022
Dive into the world of REvil, a notorious ransomware group that evolved from earlier threats like GandCrab. Discover their ruthless tactics, including double extortion and DDoS attacks, as they targeted large corporations. Hear about a shocking hack on an entertainment law firm and the challenges of negotiating with cybercriminals. The discussion reveals the critical need for robust network security and highlights recent law enforcement crackdowns on these cyber threats. Tune in for compelling insights into the high-stakes game of ransomware.
AI Snips
Rideshare Scam
- Gustavo, visiting the US from Brazil, created fake rideshare accounts using stolen identities to work for Uber.
- He expanded this scheme to food delivery apps and sold the accounts online, resulting in prison sentences for him and his team.
Big Game Hunting
- GandCrab pioneered "big game hunting", targeting large companies with ransomware for higher payouts.
- They bought access to company networks through initial access brokers, leading to significant profits despite security measures.
REvil's Origins
- GandCrab, operating with impunity from Russia, abruptly claimed retirement but actually rebranded as REvil.
- REvil's ransomware included a language check, avoiding execution in ex-Soviet countries.