An anonymous reader quotes a report from KrebsOnSecurity:

> An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil [1]now has a name and a face . Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021. Shchukin was named as UNKN (a.k.a. UNKNOWN) in [2]an advisory published by the German Federal Criminal Police (the "Bundeskriminalamt" or BKA for short). The BKA said Shchukin and another Russian -- 43-year-old Anatoly Sergeevitsch Kravchuk -- extorted nearly $2 million euros across two dozen cyberattacks that caused more than 35 million euros in total economic damage.

>

> Germany's BKA said Shchukin acted as the head of one of the largest worldwide operating ransomware groups GandCrab and REvil, which pioneered the practice of double extortion -- charging victims once for a key needed to unlock hacked systems, and a separate payment in exchange for a promise not to publish stolen data. Shchukin's name appeared in a [3]Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang's activities. The government said the digital wallet tied to Shchukin contained more than $317,000 in ill-gotten cryptocurrency.

The BKA believes Shchukin resides in Krasnodar, Russia, where he is from. "Based on the investigations so far, it is assumed that the wanted person is abroad, presumably in Russia," the BKA advised. "Travel behavior cannot be ruled out."



[1] https://krebsonsecurity.com/2026/04/germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab/

[2] https://www.bka.de/DE/IhreSicherheit/Fahndungen/Personen/BekanntePersonen/CC_BW/DMS/Sachverhalt.html?nn=26874#detailinformationen265540

[3] https://krebsonsecurity.com/wp-content/uploads/2026/04/shchukin-seizure-revil.pdf