The REvil ransomware operation, also known as Sodinokibi, is a ransomware-as-a-service (RaaS) where the operators develop the malware and payment site, and affiliates (adverts) compromise corporate networks to deploy the ransomware. As part of this deal, the REvil developers earn between 20-30% of ransom payments, and the affiliates make the remaining 70-80%. Today, a security researcher discovered that REvil has announced that they are introducing new tactics that affiliates can use to exert more pressure on victims.
Source: https://www.bleepingcomputer.com/news/security/ransomware-gang-plans-to-call-victims-business-partners-about-attacks/