Particle.news

Germany Unmasks Alleged REvil and GandCrab Leaders in 130 German Attacks

The move signals a push to pierce ransomware leaders' anonymity to spur cross-border help.

Overview

  • Germany’s federal police, which named the suspects Monday, released photos of Daniil Shchukin and Anatoly Kravchuk, added them to international and EU Most Wanted lists, and asked the public for tips.
  • Investigators link the pair to at least 130 attacks in Germany from 2019 to 2021, with 25 victims paying about €1.9 million and total losses exceeding €35 million.
  • The BKA says Shchukin, 31, operated under the alias “UNKN” as REvil’s public face, and a 2023 U.S. Justice Department filing tied a crypto wallet holding more than $317,000 to him.
  • Kravchuk, 43, is described as a developer for the operation, and police believe both men are in Russia, with no arrests announced.
  • GandCrab evolved into REvil’s affiliate-for-hire model that blended file encryption with threats to leak stolen data, and the group’s rise included the 2021 Kaseya hack before FBI infiltrations and later Russian prosecutions curbed its reach.