Germany Doxes 'UNKN,' Head of RU Ransomware Gangs REvil, GandCrab (krebsonsecurity.com) 13
An anonymous reader quotes a report from KrebsOnSecurity: An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021. Shchukin was named as UNKN (a.k.a. UNKNOWN) in an advisory published by the German Federal Criminal Police (the "Bundeskriminalamt" or BKA for short). The BKA said Shchukin and another Russian -- 43-year-old Anatoly Sergeevitsch Kravchuk -- extorted nearly $2 million euros across two dozen cyberattacks that caused more than 35 million euros in total economic damage.
Germany's BKA said Shchukin acted as the head of one of the largest worldwide operating ransomware groups GandCrab and REvil, which pioneered the practice of double extortion -- charging victims once for a key needed to unlock hacked systems, and a separate payment in exchange for a promise not to publish stolen data. Shchukin's name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang's activities. The government said the digital wallet tied to Shchukin contained more than $317,000 in ill-gotten cryptocurrency. The BKA believes Shchukin resides in Krasnodar, Russia, where he is from. "Based on the investigations so far, it is assumed that the wanted person is abroad, presumably in Russia," the BKA advised. "Travel behavior cannot be ruled out."
Germany's BKA said Shchukin acted as the head of one of the largest worldwide operating ransomware groups GandCrab and REvil, which pioneered the practice of double extortion -- charging victims once for a key needed to unlock hacked systems, and a separate payment in exchange for a promise not to publish stolen data. Shchukin's name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang's activities. The government said the digital wallet tied to Shchukin contained more than $317,000 in ill-gotten cryptocurrency. The BKA believes Shchukin resides in Krasnodar, Russia, where he is from. "Based on the investigations so far, it is assumed that the wanted person is abroad, presumably in Russia," the BKA advised. "Travel behavior cannot be ruled out."
Finally! (Score:2)
Re: (Score:3)
-making sad typos when critiquing grammar or spelling is king of ironic, don't ya think?
Re:What??? (Score:5, Insightful)
No, we speak English and bad English here. Is that like English NG?
-making sad typos when critiquing grammar or spelling is king of ironic, don't ya think?
Jokes aside, I think the point is this isn't really a doxxing. Doxxing is an unauthorised release of personal information (usually with the intent to cause harm), this is really the opposite as it's a state releasing the name of a wanted criminal.
Re: (Score:2)
The problem is, all the good art and food is in Holland or France. What are you going to steal in Germany?
Re: (Score:2)
I've though about committing a crime before. When I do so, I'll consider Germany.
The problem is, all the good art and food is in Holland or France. What are you going to steal in Germany?
Lets be honest, if there were anything worth stealing in Germany, the British would already have done it.
Jokes aside again, criminals, even wanted criminals are by still protected by law. The law doesn't stop applying to people when they break it. The definition of an "outlaw" is someone who is expressly denied the protection of the law, so by definition an outlaw can't be wanted (hence the old trope about the wild west outlaw being wanted dead or alive is completely wrong), in effect an outlaw can't see
Re: (Score:2)
Being an outlaw didn't work both ways - it's the law withdrawing its protection from you, not its wrath.
Re:What??? (Score:4, Insightful)
Jokes aside, I think the point is this isn't really a doxxing. Doxxing is an unauthorised release of personal information (usually with the intent to cause harm), this is really the opposite as it's a state releasing the name of a wanted criminal.
No, I think it's a real doxxing. The German authorities know they have little chance of getting their hands on the crims themselves because Russia, but instead they release their identity (complete with photos) and expose them to the attention of interested parties in their own country. These may include other criminals looking to persuade them to share some of their several million Euros/Dollars in accumulated funds, possibly assisted by bolt cutters and a blow torch, and maybe the Russian government themselves.
The Russians may not care about the criminality involved, but seeing a chance to get a couple of extra million to boost their failing economy in the wake of the war with Ukraine, the opportunity may be hard to pass up.
Re: (Score:2)
Jokes aside, I think the point is this isn't really a doxxing. Doxxing is an unauthorised release of personal information (usually with the intent to cause harm), this is really the opposite as it's a state releasing the name of a wanted criminal.
No, I think it's a real doxxing. The German authorities know they have little chance of getting their hands on the crims themselves because Russia, but instead they release their identity (complete with photos) and expose them to the attention of interested parties in their own country. These may include other criminals looking to persuade them to share some of their several million Euros/Dollars in accumulated funds, possibly assisted by bolt cutters and a blow torch, and maybe the Russian government themselves.
The Russians may not care about the criminality involved, but seeing a chance to get a couple of extra million to boost their failing economy in the wake of the war with Ukraine, the opportunity may be hard to pass up.
How is this any different to the FBI's most wanted list?
Clue By Four: it isn't.
Or the US seeking Osama Bin Laden, all criminals they have/had little chance of getting so they release the info in the hopes of someone coming forward with info leading to a capture. It also limits where they can travel to as it's a public notice that they're wanted.
This is the exact opposite of a doxxing.
Khabarovsk Region (Score:1)