Suspected REvil Gang Insider Identified

German investigators have identified a deep-pocketed, big-spending Russian billionaire whom they suspect of being a core member of the REvil ransomware gang.

He lolls around on yachts, wears a luxury watch with a Bitcoin address engraved on its dial, and is suspected of buying it all with money he made as a core member of the REvil ransomware gang.

The showy billionaire goes by “Nikolay K.” on social media, and German police are hoping he’ll cruise out of Russia on his next vacation – preferably, to a country with a cooperation agreement with Germany so they can arrest him. In case he decides to kick back somewhere other than sunny Crimea, they’ve got an arrest warrant waiting for him.

According to a joint investigation by the German media outlet Zeit Online and the German public broadcaster Bayerischer Rundfunk, investigators from Germany’s Baden-Württemberg State Criminal Police Office (LKA) are convinced that Nikolay K. is part of the core group that operates the ransomware-as-a-service (RaaS) player REvil, aka Sodinokibi.

It’s Rare to Snare a Ransomware Gang’s Big Fish

It wouldn’t be the first time that ransomware operators were collared, but we don’t typically see police nab the bigwigs. For example,

Read More: https://threatpost.com/revil-ransomware-core-member/175863/