The REvil ransomware community is one of a new generation of 'Ransomware-as-a-Service' (Raas) businesses. Their core team of developers creates the ransomware, while their "affiliates" spread it to the devices. The developers receive a 20-30% share of any good ransomware attack's earnings, while associates receive a 70-80% payout.Groupe Reorev claims to have had 400GB of confidential data stolen by the new ransomware community known as "LV." Few sample documents have been leaked by the actors, but they are not particularly relevant or harmful. The client data and technical documentation are the most concerning aspects, as Reorev has a number of high-profile clients.
Read the full report here: IR-21-130-001-LV.pdf