German Authorities Identify Leaders of REvil and GandCrab Ransomware Gangs

Severity: Medium (Score: 54.6)

Sources: Technadu, Therecord.Media, Scworld, Securityaffairs.Co, Feeds.Feedburner

Summary

German Federal Criminal Police (BKA) have identified Daniil Maksimovich Shchukin, 31, and Anatoly Sergeevitsch Kravchuk, 43, as the leaders of the notorious REvil and GandCrab ransomware gangs. Shchukin, known by the alias 'UNKN,' is linked to at least 130 cyberattacks in Germany from 2019 to 2021, resulting in approximately €2 million in ransom payments and over €35 million in economic damage. Both gangs were known for pioneering the double extortion tactic, demanding payments for decryption keys and to prevent data leaks. The BKA has issued a public appeal for information regarding their whereabouts, as both suspects are believed to be in Russia. This identification marks a significant milestone in the ongoing efforts to combat ransomware operations that have plagued organizations globally. The REvil gang, in particular, gained notoriety for targeting large enterprises and conducting high-profile attacks, including the Kaseya incident that affected around 1,500 downstream victims. Key Points: • Daniil Shchukin and Anatoly Kravchuk identified as leaders of REvil and GandCrab gangs. • The gangs executed at least 130 cyberattacks in Germany, causing over €35 million in damages. • Shchukin is known for pioneering the double extortion tactic in ransomware operations.

Key Entities