REvil (Ransomware Evil; also known as Sodinokibi) was a Russia-based or Russian-speaking private ransomware-as-a-service (RaaS) operation. After an attack, REvil would threaten to publish the information on their page Happy Blog unless the ransom was received. In a high profile case, REvil attacked a supplier of the tech giant Apple and stole confidential schematics of their upcoming products. In January 2022, the Russian Federal Security Service said they had dismantled REvil and charged several of its members. History. REvil recruits affiliates to distribute the ransomware for them.
https://en.wikipedia.org/wiki/REvil