Cyber: Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL...

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta.

In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authorities noted.

"According to the investigation, the suspects specialized in technical hacking of protected systems and were involved in preparing cyberattacks using ransomware," the Cyber Police of Ukraine said in a statement.

The agency said the accused individuals functioned as "hash crackers," who specialize in extracting passwords from information systems using specialized software. Once the credential information was obtained, members of the ransomware group broke into corporate networks, ultimately deployed ransomware, and extorted money in exchange for recovering the encrypted information.

Authorities conducted searches at the defendants' residences located in Ivano-Frankivsk and Lviv, allowing them to seize digital storage devices and cryptocurrency assets.

Black Basta first emerged in the threat landscape in April 2022, and is said to have targeted more than 500 companies across North America, Europe, and Australia. The ransomware group is estimated to have earned hundreds of millions of dollars in cryptocurrency from illicit payments.

Early last year, a year's worth of internal chat logs from Black Basta leaked online, offering a glimpse into the group's inner workings, its structure and key members, and the various security vulnerabilities exploited to gain initial access to organizations of interest.

The leaked dossier also unmasked Nefedov as Black Basta's ringleader, adding that he goes by various aliases, such as Tramp, Trump, GG, and AA. Some documents alleged that Nefedov had ties to high-ranking Russian politicians and intelligence agencies, including the FSB and GRU.

Nefedov is believed to have leveraged these connections to protect his operations and evade international justice. A subsequent analysis from Trellix revealed that Nefedov was able to secure his freedom despite getting arrested in Yerevan, Armenia, in June 2024. His other aliases include kurva, Washingt0n, and S.Jimmi. Although Nefedov is said to be in Russia, his exact whereabouts are unknown.

Furthermore, there is evidence linking Nefedov to Conti, a now-defunct group that sprang forth in 2020 as a

Source: The Hacker News