German investigators identify REvil ransomware gang core member

silversurfer

German investigators have reportedly identified a Russian man whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years.

The man is presenting himself as a cryptocurrency investor and trader, but German authorities (including Bundeskriminalamt and Landeskriminalamt Baden-Württemberg) think otherwise after tracking some of the Bitcoin payments he made over the years.

While the suspect's real identity has not been revealed, German media is calling him by the fictitious name 'Nikolay K.', and reports that investigators linked him to Bitcoin ransom payments associated with the GandCrab ransomware group.

Law enforcement tracked these payments following attacks against a software development firm and the State Theater in Stuttgart.

The same sources claim that the investigators have found strong links between REvil and GandCrab, something that has been suggested numerous times by security researchers and analysts.
 

plat

Excerpt:

Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates on November 4, both of them allegedly responsible for infecting thousands of victims.

DIICOT (the Romanian Directorate for Investigating Organized Crime and Terrorism) and judicial police officers carried out four home searches in Constanța, seizing mobile devices (laptops, mobile phones) and storage media.

The Bucharest Tribunal also ordered the pre-trial detention for the two REvil affiliates for 30 days.

On the same day, Kuwaiti authorities also arrested a GandCrab ransomware affiliate, the three of them being suspected of roughly 7,000 attacks and of asking more than €200 million in ransoms.

Authorities arrested seven suspects linked to REvil and GandCrab this year in total. Three other individuals believed to be REvil affiliates were apprehended in South Korea in February, April, and October, and one was arrested in Europe last month.

 
