Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The alleged leader of the Black Basta ransomware group has escaped court while awaiting a judge’s detention decision.
According to reports, Oleg Nefedov, who was wanted by the US and Interpol, was arrested on 21 June 2024. He was held for 72 hours as prosecutors requested a temporary detention.
During this time, Nefedov was released for a walk, during which time he escaped, entering a vehicle and leaving the courthouse while in the presence of both police and court officials.
Following his escape, the judge ruled for Nefedov’s arrest, according to Armenian publication Civilnet.am.
Nefedov is believed to be the leader of the Black Basta ransomware gang. The ransomware group’s messages were leaked recently, revealing the inside intricacies of the group, including messages from its leader, who goes by GG.
GG is believed to be responsible for coordinating the group’s operations, working with affiliates, overlooking budgets and finance and hiring new threat staff.
However, from 21 June 2024, the day of Nefedov’s arrest, and 3 July 2024, messages from GG came to a halt. When he resumed messaging, GG revealed to another member of the group about being arrested and that he escaped with the aid of high-level officials.
“How did they get you out? Did you pay a lot?” said a gang member by the name of Chuck.
GG said: “Remember when I said I had friends at a really high level; this is the level of our first.”
“I’ve just managed to call him.”
While GG said he was unable to specify exactly how he got out, he said that he had help from someone who runs “big corporations” and was able to get through immigration without issue thanks to the “number one”, another high-ranking official.
GG said he simply asked for a “green corridor” and they immediately came out for him.
According to the leaker of the Black Basta conversations, a user going by the name ExploitWhispers, suggested that GG may also go by the alias Tramp and that the two names are monikers used by Nefedov.
Research into the lead conversations also suggests that GG operated out of at least two offices in Moscow, the workplace of malware operators, network intruders, developers and other roles.
Additionally, Chuck, operator and developer of the Qakbot (Qbot) malware, bought property in Dubai with GG.
Be the first to hear the latest developments in the cyber industry.
