German investigators identify REvil ransomware gang core member

silversurfer
Thread author
German investigators have reportedly identified a Russian man whom they believe to be a core member of REvil, one of the most notorious and successful ransomware gangs of recent years.

The man presents himself as a cryptocurrency investor and trader, but German authorities (including the Bundeskriminalamt and the Landeskriminalamt Baden-Württemberg) think otherwise after tracking some of the Bitcoin payments he has made over the years.

While the suspect's real identity has not been revealed, German media are calling him by the fictitious name 'Nikolay K.' and report that investigators linked him to Bitcoin ransom payments associated with the GandCrab ransomware group.

Law enforcement tracked these payments following attacks against a software development firm and the State Theater in Stuttgart.

The same sources claim that the investigators have found strong links between REvil and GandCrab, something that has been suggested numerous times by security researchers and analysts.

Excerpt:

Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates on November 4, both of them allegedly responsible for infecting thousands of victims.

DIICOT (the Romanian Directorate for Investigating Organized Crime and Terrorism) and judicial police officers carried out four home searches in Constanța, seizing mobile devices (laptops, mobile phones) and storage media.

The Bucharest Tribunal also ordered the pre-trial detention for the two REvil affiliates for 30 days.

On the same day, Kuwaiti authorities also arrested a GandCrab ransomware affiliate, the three of them being suspected of roughly 7,000 attacks and of demanding more than €200 million in ransoms.

Authorities have arrested seven suspects linked to REvil and GandCrab this year in total. Three other individuals believed to be REvil affiliates were apprehended in South Korea in February, April, and October, and one was arrested in Europe last month.
