Germany’s Federal Criminal Police Office, also known as the Bundeskriminalamt (BKA), has made a significant breakthrough in the fight against ransomware by identifying the real identities of two key figures associated with the now-defunct REvil ransomware-as-a-service (RaaS) operation.

The REvil group, also known as Sodinokibi, was notorious for its widespread ransomware attacks, with the BKA attributing at least 130 attacks in Germany to the group. One of the identified threat actors, who went by the alias UNKN, played a crucial role in promoting the ransomware on the XSS cybercrime forum in June 2019.

The unmasking of the REvil leaders is a notable achievement for the BKA, as it demonstrates the agency’s capabilities in tracking and identifying cybercrime perpetrators. The revelation also highlights the importance of international cooperation in combating ransomware threats, which have become a major concern for organizations and individuals worldwide.

The REvil ransomware operation was known for its brazen attacks on high-profile targets, including an attack that exploited the CVE-2021-34527 vulnerability in the Kaseya VSA software. The group’s activities were eventually disrupted, but not before causing significant damage to numerous organizations.

The BKA’s success in identifying the REvil leaders serves as a warning to other cybercrime groups that law enforcement agencies are actively working to track and bring them to justice. As the threat landscape continues to evolve, it is essential for organizations to remain vigilant and take proactive measures to protect themselves against ransomware attacks.
