The Belarusian Directorate "K" of the Ministry of Internal Affairs, with the assistance of the Cyber Police of Great Britain and Romania, has uncovered in Gomel an operator of the GandCrab ransomware who is responsible for hacking over 1000 computers in 2017-2018.
“It has been established that a 31-year-old resident of Gomel who had no previous convictions infected more than a thousand computers. For decrypting each of them, he demanded an amount equivalent to 1200 US dollars. Access to the admin panel for managing the ransomware botnet was carried out via the darknet, which allowed the attacker to remain anonymous for a long time. Part of the profit was transferred to the administrators (operators) of the server he leased. The victims of the hacker were users from almost a hundred countries, and the largest number of victims are in India, the USA, Ukraine, Great Britain, Germany, France, Italy and Russia,” said Vladimir Zaitsev, Deputy Head of the High-Tech Crimes Department.
Law enforcement officials said that the Gomel resident was not officially employed, made a living by distributing cryptocurrency miners, and also advertised malware-writing services on hacker forums.
Let me remind you that the GandCrab ransomware stopped working in the summer of 2019. At that time, the malware developers boasted that they had "earned" about 2 billion US dollars from their brainchild and said that it was time for them to retire.
Many cybersecurity researchers believe that the authors of GandCrab are now developing another ransomware, Sodinokibi (aka REvil), although the identity of these people has still not been established.