Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Alleged Conti and Trickbot Leader Unmasked

June 2, 2025
Reading Time: 3 mins read
in News
Senators Urge CSRB Return For Salt Typhoon

Germany’s Federal Criminal Police Office (BKA) has identified “Stern” as 36-year-old Russian national Vitaly Nikolaevich Kovalev. Kovalev is strongly suspected of having founded the notorious ‘Trickbot’ group, also known by the alias ‘Wizard Spider,’ according to the BKA. This prolific cybercrime group utilized Trickbot malware alongside other dangerous variants like Bazarloader, SystemBC, IcedID, Ryuk, Conti, and Diavol. An Interpol red notice now seeks Kovalev in Germany, officially charging him as the ringleader of this unnamed criminal organization. This recent development isn’t Kovalev’s first encounter with law enforcement, as he was previously sanctioned and charged in the United States. Those February 2023 U.S. actions were for his significant links to both the TrickBot and Conti widespread cybercrime gangs.

Kovalev’s more definitive unmasking as “Stern” followed massive information leaks from TrickBot and Conti members, known as TrickLeaks and ContiLeaks. While ContiLeaks provided access to the gang’s internal private conversations and valuable source code, TrickLeaks went a step further. It exposed the identities, various online accounts, and detailed personal information of numerous active TrickBot members on social media platforms. These leaked crucial conversations clearly revealed that Kovalev, operating under his alias “Stern,” was in charge of the entire TrickBot operation. He also directly orchestrated the infamous Ryuk and Conti ransomware gangs, showcasing his extensive control over these global criminal activities. The chat logs illustrated how other members consistently contacted Stern for his vital approval before conducting major cyberattacks against their targets.

According to comprehensive investigations conducted by the German BKA, the Trickbot group at certain peak times consisted of more than 100 members.

This large and sophisticated criminal enterprise operated in a highly organized and clearly hierarchically structured manner, primarily being project and profit-oriented. The group is held directly responsible for the widespread infection of several hundred thousand computer systems in Germany and also across the world. Through its extensive illegal cyber activities spanning multiple years, it has successfully obtained illicit funds estimated to be in the three-digit million range. Its numerous victims included critical global entities like hospitals, various public facilities, numerous private companies, public authorities, and also many private individuals.

Vitaly Kovalev’s current specific whereabouts are unfortunately unknown to the international law enforcement agencies that are actively seeking his immediate capture.

However, German police authorities strongly believe that he currently resides somewhere within the Russian Federation, making his potential apprehension significantly more challenging. They have consequently issued a public appeal for any available information that could potentially lead to his successful capture and subsequent prosecution. Specifically, these authorities are seeking any details regarding his current online accounts or any communication channels that he is known to presently use. This ongoing international manhunt highlights the dedicated global effort to bring high-profile cybercriminals like Kovalev to face justice for their actions.

Reference:

  • Trickbot And Conti Ransomware Gang Leader Unmasked by German Authorities
Tags: Cyber NewsCyber News 2025Cyber threatsJune 2025
ADVERTISEMENT

Related Posts

Cloudflare Blocks Record 7.3 Tbps DDoS

US Expects Iranian Cyberattacks to Escalate

June 23, 2025
Cloudflare Blocks Record 7.3 Tbps DDoS

AT&T to Pay $177M for Massive Data Breach

June 23, 2025
Cloudflare Blocks Record 7.3 Tbps DDoS

Cloudflare Blocks Record 7.3 Tbps DDoS

June 23, 2025
US Seizes $225M In Record Crypto Bust

UK Data Law Risks EU Adequacy Deal

June 20, 2025
US Seizes $225M In Record Crypto Bust

US Seizes $225M In Record Crypto Bust

June 20, 2025
US Seizes $225M In Record Crypto Bust

Argentina Busts Russian Disinformation Ring

June 20, 2025

Latest Alerts

Spyware in App Stores Steals Your Photos

Stealth Malware Targets Fortinet Firewalls

Prometei Botnet Attacks Servers for Crypto

Winos 4.0 Malware Hits Taiwan Via Tax Phish

New Godfather Trojan Hijacks Banking Apps

New Amatera Stealer Delivered By ClearFake

Subscribe to our newsletter

    Latest Incidents

    Aflac Hacked in Spree on Insurance Firms

    CoinMarketCap Doodle Hack Steals Crypto

    UK’s Oxford Council Legacy Systems Breached

    Massive Leak Exposes 16 Billion Credentials

    Chinese Spies Target Satellite Giant Viasat

    German Dealer Leymann Hacked Closes Stores

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial