Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Who Runs the Ransomware Group 'The Gentlemen?'(krebsonsecurity.com)
78 points by Bender 3 days ago | 12 comments
throwa356262 3 days ago | parent | next [-]

Brian on Mastadon:

One thing I didn't mention in the story is the potential consequences of top RU hackers being outed [...] such as interference and shakedowns from tax authorities and local police, extortion or even kidnapping for their considerable ill-gotten crypto wealth.

Oh, the turntables...

Hnrobert42 3 days ago | parent | next [-]

I wonder if the article will get translated and spammed to authorities in his locality.

fsckboy a day ago | parent | prev [-]

how are you Gentlemen? you have no chance to survive, make your time

Cider9986 3 days ago | parent | prev | next [-]

Might be interesting, this buymeacoffee page interviews cybercriminals: (https://buymeacoffee.com/insidedarknet/posts)

exiguus 2 days ago | parent | prev | next [-]

That reminds me of that time when Reddit doxxed the alleged Marathon Bomber, ruined his life, and then it turned out it wasn't him. Aside from all the nicknames, I don't see any evidence. But the article shows how to doxx responsibly.

AtlasBarfed 3 days ago | parent | prev | next [-]

These guys must be having a lot of fun running penetration tests with unrestricted AI models.

With enough full access AI running at a company, all they have to do is insert their own unguardrailed AI into the org...

TomMasz 3 days ago | parent | prev | next [-]

I am shocked, shocked I say, that the head of a ransomware as a service group is based in Russia.

alexb87 3 days ago | parent | prev | next [-]

Is this group real ? Do they have a page where they display the victims and scenarios? Or this is just another group invented by some people to create some good stories?

technion 3 days ago | parent [-]

You can find the link to the victims leaks page and screenshots of it working right here:

https://www.ransomlook.io/group/the%20gentlemen

They appear genuinely prolific.

lschueller a day ago | parent [-]

Thank you for the link.

Yes, they are real. And quite active. Some unverified source threw around the number of >1000 victims in 2026 alone. I think it was ransomware.live. At least a couple of hundred can be counted as victims with more or less certainty. The affiliates business is very very active currently.. as Brian Krebs summarized in a couple of blog posts already.

Feels like almost everyone with some it background in russia tries to jump on one of the raas as an affiliate at the moment. More and more new faces are entering the stage right now.

thisisauserid 3 days ago | parent | prev | next [-]

Alexander Yapaev, alias Hastalamuerte, orchestrates a dark digital extortion empire.

khana 3 days ago | parent | prev [-]

[dead]