Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

German authorities have identified 31-year-old Russian national Daniil Maksimovich Shchukin as the elusive hacker "UNKN," the mastermind behind the prolific GandCrab and REvil ransomware gangs responsible for massive global extortion.

Key Points

  • German investigators linked Shchukin and accomplice Anatoly Sergeevitsch Kravchuk to at least 130 cyberattacks causing over 35 million euros in economic damage.
  • The REvil and GandCrab groups pioneered "double extortion," where hackers demand payment for decryption keys and threaten to leak stolen sensitive data.
  • A 2023 U.S. Department of Justice filing identified a cryptocurrency wallet tied to Shchukin containing more than $317,000 in illicit proceeds.
  • REvil gained notoriety for "big-game hunting," specifically targeting large organizations with high annual revenues and cyber insurance policies.
  • The group’s operations were significantly disrupted following a 2021 attack on Kaseya, which prompted an FBI intervention and the release of a universal decryption key.
  • Shchukin is currently believed to be residing in Krasnodar, Russia, outside the reach of German law enforcement.

Why it Matters

The identification of Shchukin highlights the professionalization of the ransomware economy, where criminal syndicates operate with the efficiency and structure of legitimate corporations. This case underscores the ongoing challenge for international authorities in prosecuting cybercriminals who leverage safe havens in countries like Russia to evade justice.

Krebs on Security, published by BrianKrebs