Ransomware operation known as REvil, aka Sodinokibi, went dark in July, then reappeared without explanation in September. It recruited business partners to take the malware and use it to infect victims, in exchange for partners being promised a 70% cut of every resulting ransom payment. Revil’s data-leak site and payment portal disappeared after its July attack against Kaseya, only to reappear in September, before being hijacked earlier this month. Western law enforcement agencies have been more actively disrupting operators’ infrastructure, including that of REvil.”]
Source: https://www.cuinfosecurity.com/revils-cybercrime-reputation-in-tatters-will-reboot-a-17802