According to the German Federal Criminal Police (the BKA), 31-year-old Russian Daniil Maksimovich Shchukin, who went by UNKN, headed both the GandCrab and REvil ransomware gangs and is alleged to have carried out at least 130 acts of computer sabotage and extortion in Germany between 2019 and 2021. The BKA’s advisory named Shchukin and Anatoly Sergeevitsch Kravchuk as extorting nearly €2 million across two dozen attacks, causing more than €35 million in total economic damage.
Shchukin’s name appeared in a February 2023 U.S. Department of Justice filing seeking seizure of cryptocurrency accounts tied to REvil, with the wallet containing more than $317,000. GandCrab first surfaced in January 2018 and shut down on 31 May 2019 after extorting more than $2 billion from victims, while REvil emerged soon after as a reorganisation fronted by UNKNOWN.
Travel abroad is presumed, with Shchukin believed to reside in Russia. Links from Intel 471 connect him to the Ger0in hacker identity active earlier in the decade.