- Two Ukrainians were identified as alleged members of the Ransomware group Black Basta; the group’s suspected leader, Oleg Evgenievich Nefedov, was added to the European Union’s Most Wanted and INTERPOL Red Notice lists.
- The suspects are accused of working as “hash crackers,” extracting credentials to enable ransomware intrusions; law enforcement seized digital storage and cryptocurrency assets.
- Black Basta has been linked to attacks on more than 500 companies and is estimated to have earned hundreds of millions in cryptocurrency; leaked internal chats revealed the group’s structure and key members.
- Leaked logs identified Nefedov and his aliases and tied the group to older ransomware networks; after the leaks the group’s public operations went silent and some affiliates may have migrated to other operations.
The Cyber Police of Ukraine and German authorities named two Ukrainian suspects in connection with the Russia-linked ransomware-as-a-service group Black Basta. Germany‘s Federal Criminal Police Office (BKA) said the group’s alleged leader, Oleg Evgenievich Nefedov, has been added to the EU Most Wanted and INTERPOL Red Notice lists (BKA notice, EU Most Wanted).
The agency said “According to the investigation, the suspects specialized in technical Hacking of protected systems and were involved in preparing cyberattacks using ransomware,” and described the accused as “hash crackers,” who extract passwords from systems to enable intrusions.
Searches at residences in Ivano-Frankivsk and Lviv produced seized digital storage devices and cryptocurrency assets, authorities reported. The arrests follow analysis of leaked internal chat logs that became public last year.
Leaked logs and related reports offered a detailed view of Black Basta‘s organization, its methods for initial access, and its membership structure (leaked chat logs, KELA report, analysis, review).
The leaks also identified Nefedov by aliases and alleged links to Russian officials in some documents (unmasking report). A separate notice by the BKA described his role in recruitment, target selection, negotiations and distribution of ransom funds: “He served as the head of the group. As such, he decided who or which organisations would be the targets of attacks, recruited members, assigned them tasks, took part in ransom negotiations, managed the ransom obtained by extortion, and used it to pay the members of the group,”.
Black Basta emerged in April 2022 and reportedly hit over 500 companies across North America, Europe and Australia, collecting an estimated hundreds of millions in cryptocurrency. After the leaks the group’s public operations went quiet and its data leak site was taken down, though researchers note affiliates may have shifted to other operations (post-leak analysis).
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Rocket Lab soars on $816M SDA award, Morgan Stanley boosted.
- JPMorgan Predicts 3% USD Drop by Mid-2026 Amid BRICS Shifts.
- Bitcoin Nears $100K as Bank of America Warns $6T Risk Market
- Dogecoin Tweet Sends Manyu MEME Coin Soaring to Spotlight!!!
- Vitalik: Ethereum to Reclaim Trustlessness Self-Sovereignty 2026
