Both groups use double extortion techniques, which have become the standard amongst ransomware threat groups over the past few years. Double extortion refers to a criminal practice in which a ransom is demanded to release machines with encrypted data, and the group also attempts to extort an additional payment in exchange for not publicizing files collected via data exfiltration.
It is not uncommon for some or all of the actors from older ransomware groups to join new groups or rebrand their ransomware under a different name. In this case, it does not appear that this group has retained all the REvil threat actors, but it is possible that there is some overlap. The Ransom Cartel Group is a newer ransomware gang that is quickly expanding its number of victims.
Industry standards and best practices for cybersecurity should be followed in order to avoid becoming the next victim of these groups. A continued focus on security control fundamentals such as implementing multi-factor authentication (MFA) while removing legacy access routes, improving password complexity and uniqueness requirements, network segmentation, Role-Based Access Controls (RBAC), and improved security awareness training can help reduce perimeter breaches and dwell times.