Security News > 2021 > October > German investigators identify REvil ransomware gang core member
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years.
As reported by German media, the investigators were able to link Bitcoin payments with ransoms paid to the GandCrab ransomware group, following attacks against a software developer and the State Theater in Stuttgart.
The same sources claim that the investigators have found strong links between REvil and GandCrab, something that has been suggested numerous times by security researchers and analysts.
Since the crackdown on REvil's infrastructure, from two weeks ago, the group's members have been extra cautious, but it appears that Nikolay was unaware of how close the investigators really were to arrest him.
This summer, Nikolay's wife traveled for holidays alone, while the ransomware actors stayed in Russia, possibly to avoid any unexpected arrests while on foreign grounds.
Considering the dimensions that the ransomware threat has taken at the highest political level, it would be a surprise to see the Russians denying the prosecution of Nikolay.