Germany’s Federal Criminal Police Office, also known as the Bundeskriminalamt (BKA), has successfully identified the real identities of two key figures behind the notorious REvil ransomware operation, also known as Sodinokibi.
The REvil ransomware-as-a-service (RaaS) operation was responsible for over 130 ransomware attacks in Germany, causing significant disruption and financial losses to affected organizations.
One of the identified threat actors, known by the alias UNKN, played a crucial role in promoting the ransomware on the XSS cybercrime forum in June 2019, highlighting the group’s brazen approach to recruiting affiliates and spreading their malicious software.
The unmasking of the REvil leaders marks a significant milestone in the ongoing efforts to combat ransomware threats and hold perpetrators accountable for their actions.
The BKA’s investigation and identification of the REvil operators demonstrate the importance of international cooperation and law enforcement efforts in disrupting and dismantling ransomware operations.
As the cybersecurity landscape continues to evolve, it is essential for organizations to remain vigilant and proactive in protecting themselves against ransomware threats, including those posed by the REvil group and other similar operations.
Source: Original Article
