Signal

German authorities identify leaders of REvil and GandCrab ransomware gangs

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-06 06:59 UTCUpdated 2026-04-06 23:54 UTC

redditrss

cveexploitsbreachesmalwarethreat_actorsadvisories

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (5)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (4 domains)

4 top sources shown

German authorities identify REvil and GangCrab ransomware bosses

bleepingcomputer_all · News · bleepingcomputer.com · 2026-04-06 23:54 UTC

German police unmask two suspects linked to REvil ransomware gang

The Record (Recorded Future News) · News · therecord.media · 2026-04-06 18:34 UTC

German authorities identify alleged leader of GandCrab and REvil ransomware gangs

SC Media · News · scworld.com · 2026-04-06 15:02 UTC

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

thehackernews · News · thehackernews.com · 2026-04-06 06:59 UTC

View all evidence

Overview

German Federal Police (BKA) have unmasked two Russian nationals as the alleged leaders behind the notorious GandCrab and REvil ransomware operations active between 2019 and 2021.

Entities

REvilGandCrabDaniil Maksimovich ShchukinAnatoly Kravchuk

Score total

1.87

Momentum 24h

5

Posts

5

Origins

5

Source types

2

Duplicate ratio

0%

Why now

The suspects were identified after years of ransomware activity from 2019 to 2021.
Public naming by German authorities signals increased international cooperation against ransomware.
Recent disclosures coincide with ongoing efforts to combat ransomware-as-a-service models globally.

Why it matters

Identifying ransomware leaders aids law enforcement in disrupting major cybercrime operations.
REvil and GandCrab pioneered double extortion tactics, increasing ransomware impact.
This breakthrough may deter future ransomware attacks by exposing key threat actors.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: high

Recurring claims

Daniil Maksimovich Shchukin, alias UNKN, led the GandCrab and REvil ransomware gangs.
The BKA linked these actors to over 130 ransomware attacks in Germany.

How sources frame it

German Federal Police (BKA): neutral

All evidence

All evidence

German authorities identify REvil and GangCrab ransomware bosses

bleepingcomputer_all · bleepingcomputer.com · 2026-04-06 23:54 UTC

German police unmask two suspects linked to REvil ransomware gang

The Record (Recorded Future News) · therecord.media · 2026-04-06 18:34 UTC

German authorities identify alleged leader of GandCrab and REvil ransomware gangs

SC Media · scworld.com · 2026-04-06 15:02 UTC

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

blueteamsec · krebsonsecurity.com · 2026-04-06 12:53 UTC

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

thehackernews · thehackernews.com · 2026-04-06 06:59 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 5Origin domains: 5Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 5 / 0

Top publishers (this list)

bleepingcomputer_all (1)
The Record (Recorded Future News) (1)
SC Media (1)
blueteamsec (1)
thehackernews (1)

Top origin domains (this list)

bleepingcomputer.com (1)
therecord.media (1)
scworld.com (1)
krebsonsecurity.com (1)
thehackernews.com (1)