- GANGEXPOSE fled sensitive information and PII on the figures of key ransomware
- Among them are severe and professor
- Stern’s identity was confirmed by German police
A mysterious leak was spotted by revealing the identity of some of the most sought -after cybercriminals in the world, including the brains behind Conti and Trickbot Ransomware, infamous groups responsible for some of the greatest extensions in modern history.
Recently, The register spoke to an anonymous individual who goes through the alias Gangexpose, who said he was on a personal mission to “fight against an organized society of known criminals”.
“I enjoy thinking that I can get rid of the company at least some,” said Gangexposed. “I just like to solve the most complex cases.”
Doxxing Stern
One of the people they have doxxed is severe, the Trickbot and Conti-Rensomware operations leader. They claim that Stern is actually a victory Nikolaevich Kovalev, a 36 -year -old Russian national. His identity was then confirmed by the German police.
“The subject is suspected of having been the founder of the group” Trickbot “, also known as” Wizard Spider “”, recently said the Federal Bureau of the Criminal Police of Germany. “The group used Malventy Trickbot software as well as other variants of malware such as Bazarloader, Systembc, Icedid, Ryuk, Conti and Diavol.”
Shortly after, Gangexposed a doxxed another key figure, alias professor. Behind this alias, they claim, is a 39 -year -old Russian named Vladimir Viktorovich Kvitko. Kvitko would live in Dubai.
In addition to appointing key figures, Gangexposed has disclosed discussion newspapers, videos and ransom negotiations.
The leak claims not to be a “computer guy” and that the methodology is based on the observation of the models that others have missed:
“My toolbox includes the analysis of classical intelligence, logic, factual research, bone methodology, pen (I am a linguist and philologist), human psychology and the ability to reconstruct puzzles that others do not even notice,” they told publication.
“I am cosmopolitan with many houses but no permanent basic – I move between countries if necessary. My confidentiality standards are often more strict than those of most of the subjects of my investigations.”
To discover the identity of infamous cybercriminals, they used data obtained via “semi-fermed databases, Darknet Services (to probe state records through corrupt civil servants), and I often buy information. I have access to the FSB Border Control database”, added, saying they bought them from Darkweb for $ 250,000.
An interesting detail is that they could have claimed at least $ 10 million in FBI bonuses, but apparently decided not to do so – bring some media to speculate that they are a former unhappy member to seek revenge, while others believe that the attraction of the premium could also be in line.
