
126: REvil
Darknet Diaries
REvil Origins and GandCrab
Summary: REvil, a ransomware operation, emerged around April 2019 from GandCrab, a group known for pioneering "big game hunting." Will, a threat intelligence analyst, has tracked REvil since the start of his career in 2019, coinciding with REvil's appearance.
Insights:
- REvil's roots lie in GandCrab, a precursor ransomware group.
- GandCrab is considered the originator of "big game hunting" in ransomware attacks.
- The name "GandCrab", like "Google", refers to both the malware and the group behind it.
Proper Nouns:
- REvil: The ransomware group and malware being discussed.
- GandCrab: The precursor ransomware group that pioneered "big game hunting."
- Will: Threat intelligence analyst providing context on REvil.
- Equinix Threat Analysis Center: Will's workplace, indicating his expertise.
Research:
- How did GandCrab operate, and what were its most notable attacks?
- What specific tactics characterize "big game hunting" in ransomware?
- What made GandCrab so effective, and how did these strengths transfer to REvil?