Ransomware
LV Ransomware
First seen: 2020-10 • Status: active
Currently Active Threat
LV Ransomware uses stolen REvil code. When REvil shut down, someone took their code and started a new operation.
Overview
LV Ransomware is based on REvil code. It emerged after REvil's source code leaked and targets enterprises worldwide.
Also Known As
LV
How It Spreads
- • RDP exploitation
- • Phishing
What It Does
- • File encryption
- • Data theft
- • REvil-based code
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Watch for REvil variant indicators
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Follow REvil response procedures
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required