German authorities identify REvil and GangCrab ransomware bosses
Summary
German authorities have identified two Russian nationals as the leaders behind the GandCrab and REvil ransomware operations. These prominent ransomware gangs were active between 2019 and 2021, causing significant damage globally. The BKA's findings are part of a broader international effort to track down cybercriminals.
IFF Assessment
Identifying the leaders of major ransomware operations is bad news for defenders as it reveals the individuals behind the attacks and could lead to their apprehension, but it also highlights the continued threat posed by these sophisticated criminal organizations.
Defender Context
This news underscores the ongoing threat of ransomware operations, even those that have officially ceased, and highlights the importance of international law enforcement cooperation. Defenders should remain vigilant for any resurgence or splinter groups associated with these or similar ransomware families.