German police name alleged leaders of GandCrab and REvil ransomware groups
Bender
283 points
139 comments
April 06, 2026
Related Discussions
Found 5 related stories in 52.8ms across 3,752 title embeddings via pgvector HNSW
- 7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown adulion · 60 pts · March 31, 2026 · 46% similar
- Police Investigate German Historian for Hitler-Putin Meme whatisabcdefgh · 25 pts · March 16, 2026 · 42% similar
- Russia targets Signal and WhatsApp accounts in cyber campaign HelloUsername · 29 pts · March 09, 2026 · 41% similar
- German police probe student poster slur against Merz roflcopter69 · 38 pts · March 07, 2026 · 41% similar
- Italian prosecutors seek trial for Amazon, 4 execs in alleged $1.4B tax evasion amarcheschi · 257 pts · March 12, 2026 · 40% similar
Discussion Highlights (11 comments)
Phelinofist
Spiegel recently did a video on them: https://www.youtube.com/watch?v=HuwRrqM6H1M
nailer
Feels odd for an infosec blog to use 'doxxing' this way. Doxxing is generally considered to be unethical exposure of personal information. Identifying a criminal is ethical.
KingOfCoders
Putting someone on a (most) wanted list is "doxing"? [Edit] "An international search is underway for Daniil Maksimovich SHCHUKIN on suspicion of numerous counts of gang-related and commercial extortion using ransomware to the detriment of commercial enterprises, public facilities, and institutions."
jojomodding
So apparently some CCC-connected hackers already unmasked one of them years ago (as reported in the update, which could have also just linked to the talk here: https://media.ccc.de/v/37c3-12134-hirne_hacken_hackback_edit... ) Makes you wonder if the investigators discovered this independently, or decided to maybe ask the hackers already involved in defending against them for help...
alistairSH
How is "this is the name of the formerly anonymous extortionist" doxxing? Unless there's something not covered in the article, his current address, family members, phone, etc were not listed. That's not doxxing; that's "here's a guy were want to arrest."
crest
Since when does putting criminals on official wanted lists count as doxxing?!? If they want their information taken down they just have to show up in court.
ddtaylor
I think people are getting stuck on the concept of the word doxing here. In anonymous online hacking circles, the idea that you're exposing anyone's OPSEC at all is considered basically doxing. People do it regularly, but it's seen as a clear indication of being an enemy. Some take a "full disclosure" style and expose all OPSEC failures instantly and transparently, because otherwise people seem to collect OPSEC failures and make it seem to be extortion itself, like saying "hey remember that time you signed off with your real name?" or "I know your clearnet address"
twodave
Some of the comments here (and lately on HN in general) are very concerning to me. Are we really going to pretend that people accused of real crimes shouldn’t be arrested, charged and, if found guilty, have an appropriate sentence? It doesn’t take many more than 2 brain cells rubbing together to see that that won’t end well. Whataboutism, political differences, and even real injustices in my opinion do not make this a reasonable position.
mmanfrin
I feel accepted spelling of the word is 'doxxes'; doxes in my head reads as 'dokeses'. Also talk about a headline that would mean absolute gibberish just a couple decades ago.
preetigagarwal
These groups typically exploit unpatched vulnerabilities and exposed credentials. Most companies don't discover they're vulnerable until after a breach. Regular security audits are the only real defense.
AugSun
... and "leading security website" cuts off any traffic from VPNs. What an irony. What's next, ads?