Ghosts of REvil: Inside Look with Hacker Behind Kaseya Ransomware Attack

Name: Ghosts of REvil: Inside Look with Hacker Behind Kaseya Ransomware Attack
Description: Jon DiMaggio and John Fokker present an inside account of the REvil ransomware operation, centered on exclusive access to and conversation with a hacker directly involved in the 2021 Kaseya VSA supply

Jon DiMaggio, John Fokker

DEF CON 33 · Day 3 · Main Stage

Jon DiMaggio and John Fokker present an inside account of the REvil ransomware operation, centered on exclusive access to and conversation with a hacker directly involved in the 2021 Kaseya VSA supply

AI review

First-person account of the REvil/Kaseya supply-chain ransomware attack via sustained undercover contact with a direct affiliate. Covers RaaS organizational structure, internal dynamics during dissolution, OPSEC failures, and the human intelligence tradecraft behind obtaining this access. No technical exploitation demo — primary-source intelligence is the content.