Ukrainian and German law enforcement have identified two individuals linked to the Black Basta ransomware group, a Russia-associated ransomware-as-a-service (RaaS) operation. The group’s leader, Oleg Evgenievich Nefedov, a 35-year-old Russian national, has been added to the European Union’s Most Wanted list and INTERPOL’s Red Notice.
Details of the Investigation
According to the Cyber Police of Ukraine, the suspects were involved in technical hacking and preparing ransomware attacks. They operated as “hash crackers,” utilizing specialized software to extract passwords from protected systems. Once they obtained the credentials, they infiltrated corporate networks to deploy ransomware and extort funds for decryption.
Law Enforcement Actions
Authorities conducted searches at the residences of the accused in Ivano-Frankivsk and Lviv, seizing digital storage devices and cryptocurrency assets. Black Basta emerged in April 2022 and has reportedly targeted over 500 companies across North America, Europe, and Australia, generating hundreds of millions of dollars in illicit cryptocurrency payments.
Background on Nefedov and Black Basta
Internal chat logs from Black Basta leaked online early last year, revealing insights into the group’s operations and structure. Nefedov, identified as the leader, is known by several aliases, including Tramp and Trump. Allegations suggest he has connections to high-ranking Russian officials and intelligence agencies, which may have helped him evade capture.
Current Status and Future Implications
Despite being arrested in Yerevan, Armenia, in June 2024, Nefedov managed to secure his release. His current location is believed to be Russia, but remains unconfirmed. Following the leaks, Black Basta has been largely inactive since February 2025, raising questions about the potential for its members to rebrand or join other ransomware operations. Reports indicate that some former affiliates may have transitioned to the CACTUS ransomware group, coinciding with Black Basta’s decline.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
