German investigators identified a Russian billionaire who authorities suspect of being a core member of the notorious REvil ransomware gang. This individual is allegedly very flashy and tends to spend large amounts of money. The man goes by “Nikolay K” on social media. German police hope that he will leave Russia on his next vacation, where he could then be arrested by German authorities. Therefore, if he decides to travel to Crimea, German authorities will be able to file an arrest warrant and hopefully detain him.

A joint investigation by the German media outlet Zeit Online and the German public broadcaster found that this individual is part of a core group that operates the ransomware-as-as-service RaaS player REvil, also referred to as Sodinokibi. However, this is not the first time REvil gang members were allegedly identified. In September, two members of an unidentified ransomware gang suspected to be REvil were arrested in Ukraine after a joint international law enforcement operation.