German police name alleged leaders of GandCrab and REvil ransomware groups

So apparently some CCC-connected hackers already unmasked one of them years ago (as reported in the update, which could have also just linked to the talk here: https://media.ccc.de/v/37c3-12134-hirne_hacken_hackback_edit... )

Makes you wonder if the investigators discovered this independently, or decided to maybe ask the hackers already involved in defending against them for help...

Spiegel recently did a video on them: https://www.youtube.com/watch?v=HuwRrqM6H1M

Some of the comments here (and lately on HN in general) are very concerning to me. Are we really going to pretend that people accused of real crimes shouldn’t be arrested, charged and, if found guilty, have an appropriate sentence? It doesn’t take many more than 2 brain cells rubbing together to see that that won’t end well. Whataboutism, political differences, and even real injustices in my opinion to not make this a reasonable position.

Feels odd for an infosec blog to use 'doxxing' this way. Doxxing is generally considered to be unethical exposure of personal information.

Identifying a criminal is ethical.

Putting someone on a (most) wanted list is "doxing"?

[Edit] "An international search is underway for Daniil Maksimovich SHCHUKIN on suspicion of numerous counts of gang-related and commercial extortion using ransomware to the detriment of commercial enterprises, public facilities, and institutions."

How is "this is the name of the formerly anonymous extortionist" doxxing?

Unless there's something not covered in the article, his current address, family members, phone, etc were not listed. That's not doxxing; that's "here's a guy were want to arrest."

I think people are getting stuck on the concept of the word doxing here. In anonymous online hacking circles, the idea that you're exposing anyone's OPSEC at all is considered basically doxing. People do it regularly, but it's seen as a clear indication of being an enemy.

Some take a "full disclosure" style and expose all OPSEC failures instantly and transparently, because otherwise people seem to collect OPSEC failures and make it seem to be extortion itself, like saying "hey remember that time you signed off with your real name?" or "I know your clearnet address"

I feel accepted spelling of the word is 'doxxes'; doxes in my head reads as 'dokeses'.

Also talk about a headline that would mean absolute gibberish just a couple decades ago.

[dead]

Since when does putting criminals on official wanted lists count as doxxing?!? If they want their information taken down they just have to show up in court.

[flagged]

This reads less like “hacking” and more like an optimized business.

Clear specialization, outsourcing, and reinvestment — very similar to how startups scale.