Danii Shchukin - Europol Names Notorious Ransomware Leader

High severity — significant development or major threat actor activity
Basically, a hacker known as Danii Shchukin is now wanted by police for running a big ransomware group.
Danii Shchukin, a notorious ransomware leader, has been named on Europol's most-wanted list. His criminal activities have caused millions in damages. Authorities are intensifying efforts to capture him and his accomplice.
What Happened
German police have officially identified Danii Shchukin, a notorious hacker known for leading one of the largest ransomware groups, GandCrab/REvil. He has now been placed on Europol's most-wanted list alongside his accomplice, Anatoly Kravchuk. Shchukin has been active since 2019, and his criminal activities have drawn significant attention from law enforcement agencies worldwide.
Who's Behind It
Danii Shchukin operated under aliases such as UNKN and Unknown. He is known for his strict operational protocols, including forbidding attacks on Russian entities and refusing collaboration with English-speaking hackers. His group, REvil, is believed to have connections with the DarkSide hacker group, which was responsible for the infamous Colonial Pipeline attack in 2021.
Tactics & Techniques
Shchukin is accused of 130 counts of organized and commercial extortion across Germany. In 25 cases, victims paid a total of €1.9 million (around $2.2 million) in ransom. The total economic damage attributed to his operations is estimated at €35.4 million. His tactics often involve sophisticated ransomware attacks that target various sectors, causing widespread disruption.
Defensive Measures
Law enforcement agencies are urging organizations to bolster their cybersecurity measures to protect against ransomware threats. This includes:
- Regularly updating software and systems to patch vulnerabilities.
- Educating employees about phishing and social engineering tactics that can lead to ransomware infections.
- Implementing robust backup solutions to recover data without paying ransoms.
What's Next
With Shchukin and Kravchuk believed to be operating from Russia, the international community is on high alert. Law enforcement agencies are collaborating to track down these cybercriminals. Organizations are encouraged to report any suspicious activity and to remain vigilant against ransomware threats.
🔒 Pro insight: Shchukin's operational methods reflect a growing trend in ransomware groups to establish strict territorial rules and collaboration limits.