"REvil Claims Ransomware Attack on Multi-Billion-Dollar Manufacturing Giant Midea Group"
The REvil ransomware gang has claimed responsibility for an attack on Midea Group, a Chinese electrical appliance manufacturer, and has already published what is suspected to be stolen data. The once-dominant REvil ransomware gang, also known as Sodinokibi, resurfaced in April 2022 after being dormant for several months following the Kaseya hack in 2021. Midea Group is one of the first high-profile victims of REvil's since it resurfaced earlier this year, though the company has not officially confirmed the attack's legitimacy. The Chinese multibillion-dollar company claims to be the world's leading appliance manufacturer, and it has many commercial partnerships with global organizations and sports clubs. The company claims to generate $53.3 billion in annual revenue and is ranked 245 on the Fortune Global 500 list. REvil claims to have stolen a variety of data from Midea Group, including blueprints, financial information, and more. It also claims to have stolen a large amount of source code and data from the Git and SVN version control systems. According to screenshots posted by the ransomware gang, multiple terabytes of data appear to have been stolen. REvil has already published many files allegedly obtained from Midea Group online, including scans of physical and digital identity documents, alleged screenshots of the company's VMware vSphere client, compressed 7zip archives, and an SSH key. This article continues to discuss the REvil ransomware gang claiming responsibility for the attack on Midea Group as well as the history of the gang's activities.