Back to all articles
Ransomware

REvil (Sodinokibi) Ransomware (2019–2021)

Jun 04, 2026

REvil (Sodinokibi) Ransomware (2019–2021)
REvil, also known as Sodinokibi, is one of the most prominent ransomware groups of recent years. Emerging around 2019, it became highly active by targeting large companies across the globe. Their methods were highly sophisticated. They did not just encrypt data; they also stole it. Afterward, the attackers would threaten to leak the information online if the payment was not made. This tactic is known as "double extortion." One of their most notorious attacks occurred in 2021 against the company Kaseya. By exploiting a shared software platform, hundreds of other companies were affected. This case demonstrated how a single attack can impact numerous businesses simultaneously. REvil is considered one of the most dangerous groups due to its high level of organization and the advanced techniques it employs.

References

https://www.akamai.com/glossary/what-is-revil
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-revil