Germany’s Federal Criminal Police Office (BKA) identified the REvil affiliate known as “UNKN” as 31-year-old Daniil Maksimovich Shchukin and added alleged developer Anatoly Sergeevitsch Kravchuk to its wanted list, linking them to a string of high-impact ransomware attacks. The BKA said the suspects are tied to 130 attacks in Germany causing over €35.4 million in damages (with €1.9 million in ransoms paid) and associated with the REvil/GandCrab operation that targeted victims including JBS and Kaseya. #REvil #DaniilShchukin
Keypoints
- Germany’s BKA unmasked “UNKN” as Daniil Maksimovich Shchukin and added Anatoly Sergeevitsch Kravchuk to its wanted list.
- The suspects are alleged to have been involved in 130 ransomware attacks across Germany.
- Twenty-five incidents resulted in €1.9 million in paid ransoms and total damages exceeded €35.4 million.
- REvil (aka Sodinokibi/GandCrab) operated as a RaaS with numerous affiliates and high-profile victims like JBS and Kaseya.
- Law enforcement actions in 2021–2024 disrupted the group, leading to arrests and convictions in multiple countries.
Read More: https://thehackernews.com/2026/04/bka-identifies-revil-leaders-behind-130.html