LV is a ransomware group that first emerged in late 2020. It operates as a ransomware-as-a-service (RaaS) offering, primarily distinguished by its use of a modified REvil (also known as Sodinokibi) ransomware binary. The group's primary motivation is financial gain through double extortion, where they encrypt victim data and threaten to leak stolen information. While they often frame their attacks as retaliation against organizations that fail to protect data, this serves as a justification for their financially driven operations. Despite leveraging a powerful, repurposed ransomware, LV's backend infrastructure is considered less sophisticated than the original REvil operation, specifically lacking the extensive command and control network.

URLs nuevas detectadas en IntelTracker