The ransomware group known as The Gentlemen has quickly become the second most active gang in terms of victim count, largely due to its lucrative affiliate model offering a 90% revenue share. Investigations have linked the group's administrator, known as Hastalamuerte or Zeta88, to a Russian individual named Alexander Yapaev, revealing insights into his identity and operations within the cybercrime community.
The most valuable insight for a cybersecurity professional from this content is the aggressive recruitment strategy of The Gentlemen ransomware group, offering a 90/10 revenue split with affiliates, which significantly diverges from the industry standard. This approach is rapidly expanding their operations by attracting skilled operators from rival groups, highlighting the need for vigilance in monitoring such evolving tactics in ransomware-as-a-service (RaaS) models. Focusing on securing internet-facing devices like VPNs and firewalls is crucial, as these are identified as common entry points for the group's attacks.