{
	"id": "400350e4-c6f0-45f0-b1c2-723dcc69352d",
	"created_at": "2026-04-06T01:29:37.63905Z",
	"updated_at": "2026-04-10T03:20:51.003056Z",
	"deleted_at": null,
	"sha1_hash": "11acc1ac34a1a23544d794a0529a4b53f2d1435f",
	"title": "REvil Ransomware Gang Spill Details on US Attacks",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 60150,
	"plain_text": "REvil Ransomware Gang Spill Details on US Attacks\r\nBy Tom Spring\r\nPublished: 2021-06-04 · Archived: 2026-04-06 01:07:54 UTC\r\nThe REvil ransomware gang is interviewed on the Telegram channel called Russian OSINT.\r\nCybercriminals behind the JBS Foods ransomware attack claim they had no intent to target United States-based\r\nfirms. The group, identified as the Sodinokibi REvil ransomware gang, also said it was not afraid of being labeled\r\na cyber-terrorist group.\r\nA spokesperson for REvil shared its positions in an interview on a YouTube and Telegram channel called Russian\r\nOSINT early Friday. The validity of the REvil source cannot be independently confirmed by Threatpost, however\r\nthe REvil ransomware gang has used the Russian OSINT channel several times to discuss criminal activities such\r\nas future targets, alliances and revenue.\r\nThe brief Russian-language interview revealed that the cybercriminal gang had originally focused its efforts on an\r\nunspecified Brazil-based entities. According to the REvil source, the gang was trying to stay away from the U.S.\r\nand U.S.-based firms.\r\nWho is the REvil Group?\r\nThe REvil group is widely believed responsible for the cyberattack that knocked out operations at JBS Foods. The\r\nglobal food distributor has confirmed to the Biden administration it believes the REvil group is responsible for the\r\nattack.\r\nREvil is known for both audacious attacks on the world’s biggest organizations and astronomical ransoms. In\r\nApril, it tried to extort Apple just hours before its new product launch, demanding a $50 million extortion fee.\r\nAs of Tuesday, JBS Foods said they were able to resume shipping food from nearly all of its U.S. facilities and\r\nmaking progress in resuming plant operations in the U.S. and Australia. In response, the Biden administration\r\nadmonished Russia.\r\n“The White House is engaging directly with the Russian government on this matter and delivering the message\r\nthat responsible states do not harbor ransomware criminals,” said White House Press Secretary Karine Jean-Pierre\r\nin a Sunday interview.\r\nSodinokibi REvil Ransomware Gang: Undeterred\r\nKey claims made by the REvil gang on the Russian OSINT channel included:\r\nhttps://threatpost.com/revil-spill-details-us-attacks/166669/\r\nPage 1 of 2\n\nThe recent attack, impacting JBS Foods, was originally directed at a Brazilian entity.\r\nREvil doesn’t understand why the U.S. has intervened in this case.\r\nThe gang member said current U.S. legislation, if passed, that would restrict ransomware victims from\r\npaying a ransom, would not be a deterrent for future attacks.\r\nThe group is not afraid of being considered terrorists.\r\nThe group originally restricted U.S. targets in cyberattacks.\r\nIn the interview the anonymous REvil gang member said that in light of U.S. actions and posturing to retaliate for\r\nthe JBS Foods attack, the group will now lift the restriction on attacking U.S. targets.\r\nJoin Threatpost for “A Walk On The Dark Side: A Pipeline Cyber Crisis Simulation”– a LIVE interactive\r\ndemo on Wed, June 9 at 2:00 PM EDT. Sponsored by Immersive Labs, find out whether you have the tools\r\nand skills to prevent a Colonial Pipeline-style attack on your organization. Questions and LIVE audience\r\nparticipation encouraged. Join the discussion and Register HERE for free.\r\nSource: https://threatpost.com/revil-spill-details-us-attacks/166669/\r\nhttps://threatpost.com/revil-spill-details-us-attacks/166669/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://threatpost.com/revil-spill-details-us-attacks/166669/"
	],
	"report_names": [
		"166669"
	],
	"threat_actors": [],
	"ts_created_at": 1775438977,
	"ts_updated_at": 1775791251,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/11acc1ac34a1a23544d794a0529a4b53f2d1435f.pdf",
		"text": "https://archive.orkl.eu/11acc1ac34a1a23544d794a0529a4b53f2d1435f.txt",
		"img": "https://archive.orkl.eu/11acc1ac34a1a23544d794a0529a4b53f2d1435f.jpg"
	}
}