126: REvil

Darknet Diaries

ANECDOTE

REvil Origins and GandCrab

Summary: REvil, a ransomware operation, emerged around April 2019 from GandCrab, a group known for pioneering "big game hunting." Will, a threat intelligence analyst, has tracked REvil since the start of his career in 2019, coinciding with REvil's appearance.

Insights:

  • REvil's roots lie in GandCrab, a precursor ransomware group.
  • GandCrab is considered the originator of "big game hunting" in ransomware attacks.
  • The name "GandCrab", like "Google", refers to both the malware and the group behind it.

Proper Nouns:

  • REvil: The ransomware group and malware being discussed.
  • GandCrab: The precursor ransomware group that pioneered "big game hunting."
  • Will: Threat intelligence analyst providing context on REvil.
  • Equinix Threat Analysis Center: Will's workplace, indicating his expertise.

Research

  • How did GandCrab operate, and what were its most notable attacks?
  • What specific tactics characterize "big game hunting" in ransomware?
  • What made GandCrab so effective, and how did these strengths transfer to REvil?