{ "id": "fd7fd2ed-320f-4bdf-95d4-7eeb1cdc2ac2", "created_at": "2026-04-06T00:12:20.568561Z", "updated_at": "2026-04-10T03:21:05.342024Z", "deleted_at": null, "sha1_hash": "423d5f01b5199568076d979f6efab77b704f0a86", "title": "Spanish telecom giant MasMovil hit by Revil ransomware gang", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 107905, "plain_text": "Spanish telecom giant MasMovil hit by Revil ransomware gang\r\nPublished: 2021-07-01 · Archived: 2026-04-05 19:59:51 UTC\r\nRevil ransomware gang is claiming to have downloaded databases and other\r\nimportant data belonging to the MasMovil group.\r\nSpain’s 4th largest telecom operator MasMovil Ibercom or MasMovil is the latest victim of the infamous Revil\r\nransomware gang (aka Sodinokibi)\r\nOn its official blog accessible via Tor browser, as seen by Hackread.com, the ransomware operator claims to have\r\n“downloaded databases and other important data” belonging to the telecom giant.\r\nSEE: Police just seized DoubleVPN – Bad news for ransomware gangs\r\nAs proof of its hack, the group has also shared screenshots apparently of the stolen MasMovil data that shows\r\nfolders named Backup, RESELLERS, PARLEM, and OCU, etc.\r\nIt is worth noting that at the time of publishing this article; MasMovil had acknowledged the ransomware attack\r\nhowever, there was no demand for ransom from the Revil gang.\r\nScreenshots published by the Revil group (Image: Hackread.com)\r\nThe attack structure of the Revil ransomware operator follows the same modus operandi as other ransomware\r\ngroups such as breaching the security of its target, stealing data and locking the files on the victim’s system and\r\ndemand ransom payment for decrypter key/tool.\r\nhttps://www.hackread.com/revil-ransomware-gang-hits-masmovil-telecom/\r\nPage 1 of 2\n\nRevil means bad news\r\nFor those unaware of Revil’s activities; the group is known for targeting high-profile businesses and organizations.\r\nFor instance, on June 15th, 2021, Revil claimed to breach US nuclear weapons contractor Sol Oriens.\r\nThe same group was also behind the breach against Apple supplier Quanta in April 2021 while earlier in March\r\nthis year the ransomware operators targeted technology giant Acer and demanded a ransom of $50 million. \r\nHow big is MasMovil in Spain?\r\nAs for MasMovil; the telecom operator is big in Spain. The Group’s fixed network reaches 18 million households\r\nwith ADSL and close to 26 million with optical fiber. Its 4G mobile network covers 98,5% of the Spanish\r\npopulation.\r\nThe company also owns brands like Yoigo, Pepephone, Llamaya, Lebara. It is unclear what is next for MasMovil.\r\nNevertheless, Hackread.com is keeping an eye on the situation and will be updating this article accordingly.\r\nDid you enjoy reading this article? Like our page on Facebook and follow us on Twitter.\r\nSource: https://www.hackread.com/revil-ransomware-gang-hits-masmovil-telecom/\r\nhttps://www.hackread.com/revil-ransomware-gang-hits-masmovil-telecom/\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://www.hackread.com/revil-ransomware-gang-hits-masmovil-telecom/" ], "report_names": [ "revil-ransomware-gang-hits-masmovil-telecom" ], "threat_actors": [], "ts_created_at": 1775434340, "ts_updated_at": 1775791265, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/423d5f01b5199568076d979f6efab77b704f0a86.pdf", "text": "https://archive.orkl.eu/423d5f01b5199568076d979f6efab77b704f0a86.txt", "img": "https://archive.orkl.eu/423d5f01b5199568076d979f6efab77b704f0a86.jpg" } }