revil – PossibleThreat Articles

Independent Krebs

Who Got Arrested in the Raid on the XSS Crime Forum?

August 6, 2025 0 Comments 9588693, anton gannadievich medvedovskiy, anton viktorovich avdeev, Breadcrumbs, constella intelligence, conti, damagelab, domaintools.com, europol, exploit.in, flycracker, hack-all, intel 471, lockbit, lockbitsupp, n0klos, Ne'er-Do-Well News, paranoidlab.com, qiliin, Ransomware, revil, sbu, sergeii vovnenko, sonic, The Coming Storm, toha, toschka2003@yandex.ru, xss[.]is

Credit to Author: BrianKrebs| Date: Wed, 06 Aug 2025 12:12:37 +0000

On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculation and panic among XSS denizens about the identity of the unnamed suspect, but the consensus is that he is a pivotal figure in the crime forum scene who goes by the hacker handle “Toha.” Here’s a deep dive on what’s knowable about Toha, and a short stab at who got nabbed.

Independent Krebs Security

Who is Alleged Medibank Hacker Aleksandr Ermakov?

January 26, 2024 0 Comments ae.ermak@yandex.ru, aleksandr ermakov, Breadcrumbs, gustavedore, jimjones, medibank breach, mikhail borisovich shefel, Ne'er-Do-Well News, patrick gray, revil, risky business podcast, shtazi

Credit to Author: BrianKrebs| Date: Fri, 26 Jan 2024 18:12:09 +0000

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia’s most destructive ransomware groups, but little more is shared about the accused. Here’s a closer look at the activities of Mr. Ermakov’s alleged hacker handles.

Security Sophos

Press and pressure: Ransomware gangs and the media

December 13, 2023 0 Comments 8base, akira, alphv ransomware, blackcat, cl0p, conti, donut leaks, dunghill leak, featured, karakurt, lockbit, losttrust, media, metaencryptor, noname, play, ransomhouse, Ransomware, revil, rhysida ransomware, royal, snatch, sophos x-ops, threat research, vice, wormgpt

Credit to Author: Matt Wixey| Date: Wed, 13 Dec 2023 11:00:25 +0000

Sophos X-Ops explores the symbiotic – but often uneasy – relationship between ransomware gangs and the media, and how threat actors are increasingly seeking to wrest control of the narrative

Security Sophos

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

July 18, 2022 0 Comments bitcoin, bust, cryptocurrency, Law & order, netwalker, Ransomware, revil

Credit to Author: Paul Ducklin| Date: Mon, 04 Jul 2022 18:09:05 +0000

Bust in Canada, now bust in the USA as well.

Security Sophos

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US

July 4, 2022 0 Comments bitcoin, bust, cryptocurrency, Law & order, netwalker, Ransomware, revil

Credit to Author: Paul Ducklin| Date: Mon, 04 Jul 2022 14:09:05 +0000

Bust in Canada, now bust in the USA as well.

MalwareBytes Security

A week in security (May 2 – 8)

May 9, 2022 0 Comments A week in security, airdrop phishing, Apple, business email compromise, cyberpunk ape executives, declaration for the future of the internet, discord, facebook, get rich with bitcoin, Google, google pixel, Instagram, Microsoft, nigerian tesla, opensea, Ransomware, revil

Credit to Author: Malwarebytes Labs| Date: Mon, 09 May 2022 10:20:30 +0000

The most important and interesting stories in security from the last seven days.

The post A week in security (May 2 – 8) appeared first on Malwarebytes Labs.

MalwareBytes Security

Ransomware: April 2022 review

May 6, 2022 0 Comments black basta, mindware, onyx, Ransomware, revil, threat intelligence

Credit to Author: Threat Intelligence Team| Date: Fri, 06 May 2022 08:59:41 +0000

April 2022 saw the arrival of three new ransomware gangs and the unwelcome return of an old enemy.

The post Ransomware: April 2022 review appeared first on Malwarebytes Labs.

MalwareBytes Security

It’s business as usual for REvil ransomware

May 5, 2022 0 Comments gandcrab, jakub kroustek, jbs, kaseya, raas, Ransomware, Ransomware as a Service, revil, revil ransomware, sodin, Sodinokibi

Credit to Author: Jovi Umawing| Date: Thu, 05 May 2022 11:24:03 +0000

A sample of the new REvil ransomware was found in the wild, signaling that, yes, REvil has indeed come back.

The post It’s business as usual for REvil ransomware appeared first on Malwarebytes Labs.

MalwareBytes Security

FBI warns food and agriculture to brace for seasonal ransomware attacks

April 28, 2022 0 Comments blackbyte, blackmatter, conti, crystal valley cooperative, fa sector, farmers' co-op, FBI, federal bureau of investigations, five hands, Food and Agriculture, hellokitty, lock and code, lock and code podcast, lockbit, maze cartel, MFA, multi-factor authentication, new cooperative, Podcast, Ransomware, revil, sick codes, Sodinokibi, suncrypt, Vital infrastructure

Credit to Author: Jovi Umawing| Date: Thu, 28 Apr 2022 16:48:18 +0000

For the second time, the FBI has warned the food and agriculture sector about the risk of ransomware attacks.

The post FBI warns food and agriculture to brace for seasonal ransomware attacks appeared first on Malwarebytes Labs.

MalwareBytes Security

US warns of APT groups that can “gain full system access” to some industrial control systems

April 20, 2022 0 Comments darkside, ics, lesley carhart, lock and code, omron, opc ua, open platform communications unified architecture, operation technology, pipedream, revil, scada, schneider electric, Vital infrastructure

Credit to Author: Jovi Umawing| Date: Wed, 20 Apr 2022 13:55:22 +0000

Federal agencies have discovered tools created by a nation-state actor to compromise US critical infrastructure.

The post US warns of APT groups that can “gain full system access” to some industrial control systems appeared first on Malwarebytes Labs.

← Previous