Ransomware Group intelligence
Revil
InactiveTrack Revil with 96 published victims and 3 known leak locations in a single intelligence view.
Overview
Revil is tracked by Breach House as a ransomware group with 96 published victims.
United States is currently the most targeted country in this dataset.
3 known leak locations are currently associated with this group.
Top Countries
Interactive distribution based on the currently visible victims list.
Known Leak Locations (3)
| Label | Type | Availability | Links |
|---|---|---|---|
| Leak location 1 | Onion service | Unknown | dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion |
| Leak location 2 | Onion service | Unknown | aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion |
| Leak location 3 | Onion service | Unknown | blogxxu75w63ujqarv476otld7cyjkq4yoswzt4ijadkjwvg3vrvd5yd.onion |
Top Activity Sectors
No sector intelligence available.
Ransom Notes (0)
▼No ransom notes available for this group.
Tools Used
▼No tools used available.
YARA Rules (0)
▼No YARA rules available.
Indicators of Compromise (0)
▼No IoCs available for this group.
Negotiation Chats (0)
▼No negotiation chats available.
Research Sources
No external research sources linked yet.
Victims (96)
Search, filter and paginate the victim timeline for Revil.
| Type | Target | Discovered | Country | Business Category | Intel Link |
|---|---|---|---|---|---|
| Ransomware | kusd.edu id4684 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Sunknowledge Services Inc id4683 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | medibank.com.au id4529 View details | Australia | Finance / Legal / Insurance | — | |
|
No additional victim description available. |
|||||
| Ransomware | Midea Group id4065 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Doosan Group id3899 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | OptiProERP is a leading global provider of industry-specific ERP solutions for manufacture id3860 View details | Communication / Marketing | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Ludwig Freytag Group id3419 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Unicity International id3360 View details | Public Sector | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Stratford University id3252 View details | Education | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Asfaltproductienijmegen id3225 View details | Communication / Marketing | — | ||
|
No additional victim description available. |
|||||
| Ransomware | CYMZ id3224 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | www.oil-india.com id3223 View details | Energy | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Visotec Group www.visotec.com id3221 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | PTT Exploration and Production - 720GB id1615 View details | Manufacturing / Engineering | — | ||
|
No additional victim description available. |
|||||
| Ransomware | ECKERD PERU S.A, INKAFARMA, MIFARMA id1587 View details | Agriculture / Food | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Join us on RAMP id1575 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Ronmor Holdings id1498 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Fimmick CRM Hong Kong (www.fimmick.com) id1487 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Fimmick CRM Honk Kong (www.fimmick.com) id1485 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Spiezle Architectural Group Inc. id1380 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | ohiograting.com id1355 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Apex America id875 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Allen, Dyer, Doppelt, & Gilchrist, P.A. id874 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Betenbough Homes id873 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | CEC Vibration Products id872 View details | Communication / Marketing | — | ||
|
No additional victim description available. |
|||||
| Ransomware | ENPOL LLC id871 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Iaffaldano, Shaw & Young LLP id870 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | angstrom automotive group id869 View details | Manufacturing / Engineering | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Agile Property Holdings id868 View details | Construction / Real Estate | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Möbelstadt Sommerlad id867 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Gosiger id866 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | neroindustry.com id865 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | kuk.de / KREBS + KIEFER / 500GB id864 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | KASEYA ATTACK INFO id863 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Daylesford - BHoldings - Bamford - The Wild Rabbit id862 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Hx5, LLC id861 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | inocean.no / 2000 GB id860 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Primo Water id859 View details | Communication / Marketing | — | ||
|
No additional victim description available. |
|||||
| Ransomware | lstaff.com / atworksprofessional / atworks.com id858 View details | Communication / Marketing | — | ||
|
No additional victim description available. |
|||||
| Ransomware | South Carolina Legal Services breach id857 View details | Finance / Legal / Insurance | — | ||
|
No additional victim description available. |
|||||
| Ransomware | ensingerplastics.com id856 View details | Manufacturing / Engineering | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Kaseya clients id662 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | University Medical Center id659 View details | United States | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||
| Ransomware | Fujifilm id643 View details | Japan | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | JBS (meat processor) id641 View details | Communication / Marketing | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Sol Oriens id615 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul id608 View details | Brazil | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Apple MacBook via supplier Quanta Computer id607 View details | IT | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Asteelflash id594 View details | France | Manufacturing / Engineering | — | |
|
No additional victim description available. |
|||||
| Ransomware | Pierre Fabre id593 View details | France | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Acer id588 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Gyrodata Incorporated id584 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Standley Systems (vendor to Healthcare Sector) id565 View details | United States | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||
| Ransomware | Dairy Farm Group id561 View details | Agriculture / Food | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Transform Hospital Group LTD id536 View details | United Kingdom | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||
| Ransomware | Managed[.]com (Web Hosting Provider for Columbus County, NC, Griffin Hospital in CT, Arizona Judicial Branch, and Jackson County, OR, among others) id525 View details | United States | Public Sector | — | |
|
No additional victim description available. |
|||||
| Ransomware | Beacon Health Solutions id489 View details | United States | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||
| Ransomware | Banco Estado (Public Bank) id476 View details | Chile | Finance / Legal / Insurance | — | |
|
No additional victim description available. |
|||||
| Ransomware | Haberdashers’ Monmouth Schools id475 View details | Education | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Ma Labs id464 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Brown-Forman Corp (alcohol manufacturer) id453 View details | United States | Services | — | |
|
No additional victim description available. |
|||||
| Ransomware | Valley Health Systems id456 View details | Healthcare / Pharma | — | ||
|
No additional victim description available. |
|||||
| Ransomware | National Western Life (insurance) id458 View details | United States | Finance / Legal / Insurance | — | |
|
No additional victim description available. |
|||||
| Ransomware | Telecom Argentina id443 View details | Argentina | Telecommunications | — | |
|
No additional victim description available. |
|||||
| Ransomware | Cooke County Sheriff's Office id439 View details | United States | Public Sector | — | |
|
No additional victim description available. |
|||||
| Ransomware | Actuaries and Associates (retirement specialist) id434 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | ADIF (Spanish railway manager) id435 View details | Spain | Transportation / Travel / Logistics | — | |
|
No additional victim description available. |
|||||
| Ransomware | AAA Ambulance Service id437 View details | United States | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||
| Ransomware | Lion (Beverage giant) id405 View details | Australia | Hospitality / Food & Beverage / Tourism | — | |
|
No additional victim description available. |
|||||
| Ransomware | Symbiotic LLC id394 View details | United States | Services | — | |
|
No additional victim description available. |
|||||
| Ransomware | Goodman Mintz LLP id395 View details | Canada | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | ZEGG Hotels & Store id396 View details | Switzerland | Retail / E-commerce | — | |
|
No additional victim description available. |
|||||
| Ransomware | Crozer-Keystone Health System (Delaware County, PA) id397 View details | United States | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||
| Ransomware | Telkom id381 View details | South Africa | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Sri Lanka Telecom id377 View details | Sri Lanka | Telecommunications | — | |
|
No additional victim description available. |
|||||
| Ransomware | Insport (sports store) id376 View details | Australia | Retail / E-commerce | — | |
|
No additional victim description available. |
|||||
| Ransomware | Elexon id375 View details | United Kingdom | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Harvest Food Distributors (San Diego) id363 View details | United States | Agriculture / Food | — | |
|
No additional victim description available. |
|||||
| Ransomware | Sherwood Food Distributors (Detroit) id364 View details | United States | Agriculture / Food | — | |
|
No additional victim description available. |
|||||
| Ransomware | National Association of Eating Disorders id350 View details | United States | NGOs / Associations | — | |
|
No additional victim description available. |
|||||
| Ransomware | SeaChange International (supplier of video delivery software) id351 View details | IT | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Town of Jupiter id346 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | 10x Genomics id341 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Brooks International (business management consultant) id334 View details | United States | Services | — | |
|
No additional victim description available. |
|||||
| Ransomware | Geidi (IT serves) id335 View details | Australia | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Mountain View Los Altos Union High School District id322 View details | United States | Education | — | |
|
No additional victim description available. |
|||||
| Ransomware | Gedia Automotive Group id320 View details | Germany | Manufacturing / Engineering | — | |
|
No additional victim description available. |
|||||
| Ransomware | Tillamook County id317 View details | United States | Public Sector | — | |
|
No additional victim description available. |
|||||
| Ransomware | Artech Information Systems id314 View details | United States | IT | — | |
|
No additional victim description available. |
|||||
| Ransomware | Travelex id312 View details | United Kingdom | Transportation / Travel | — | |
|
No additional victim description available. |
|||||
| Ransomware | LogicalNet (MSP) Schenectady, NY id309 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Synoptek id308 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | CyrusOne id304 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Englewood Complete Technology Services id298 View details | United States | IT | — | |
|
No additional victim description available. |
|||||
| Ransomware | Alphabroder id289 View details | United States | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | Percsoft and the Digital Dental Record id283 View details | United States | Healthcare / Pharma | — | |
|
No additional victim description available. |
|||||