Convicted REvil Affiliate Accuses Russian Government of Planning 2021 Kaseya Attack

Timeline

1. 11.08.2025 21:50 1 articles · 1mo ago

   Convicted REvil Affiliate Accuses Russian Government of Planning 2021 Kaseya Attack

   During a DEF CON 33 session, a convicted REvil affiliate, Yaroslav Vasinskyi, accused the Russian government of planning the 2021 Kaseya attack. Vasinskyi, who is serving a 13-year sentence for his role in numerous ransomware attacks, claims that the Russian government orchestrated the attack to disrupt critical infrastructure. The session provided detailed insights into REvil's operations and the structure of its ransomware-as-a-service model. Vasinskyi's allegations were discussed by Jon DiMaggio, chief intelligence strategist at Analyst1, and John Fokker, head of threat intelligence at Trellix. The session highlighted REvil's use of a dedicated communication platform and leak site, as well as their strict affiliate selection process.

   Show sources

   • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

   Open in new tab

Information Snippets

• REvil conducted a supply chain attack against Kaseya in July 2021, exploiting a vulnerability in Kaseya's VSA software.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• The attack compromised over 1,000 companies.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• REvil operated as a ransomware-as-a-service (RaaS) group with a structured hierarchy, including five admins and up to 40 affiliates.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• REvil was known for targeting both large-scale enterprises and individual consumers.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• REvil used a dedicated communication platform and a leak site to publish stolen data, which is now a standard practice in the ransomware ecosystem.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• REvil's operations were dismantled in an international infrastructure takedown in October 2021, and Russia charged several members in January 2022.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• Yaroslav Vasinskyi, a convicted REvil affiliate, claims the Russian government orchestrated the Kaseya attack.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• Vasinskyi alleges that the Russian government's motive was to disrupt critical infrastructure, not to make money.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50

• Vasinskyi was sentenced to over 13 years in prison and fined over $16 million for his role in over 2,500 ransomware attacks.

  First reported: 11.08.2025 21:50
  1 source, 1 article
  Show sources

  • REvil Actor Accuses Russia of Planning 2021 Kaseya Attack — www.darkreading.com — 11.08.2025 21:50