Search for malware: Investigators are REvil

According to information from Bayerischer Rundfunk (BR) and "Zeit Online", criminal prosecutors from the Baden-Württemberg State Criminal Police Office have identified a suspected mastermind behind the REvil malware.

The software is one of the most notorious programs for ransomware attacks, according to reports on Thursday.

In the case of ransomware, also known as blackmail trojans, it is software that is infiltrated into the system and blocks computers and other systems.

The operators are then blackmailed so that the systems can be reactivated.

The term contains the English word for ransom ("ransom").

Many companies affected

In Germany, among other things, the State Theater Stuttgart, several medium-sized companies and hospitals are affected, according to the reports. Internationally, the attacks on several retail chains this summer, such as Coop supermarkets in Sweden, are known. There branches with affected computers had to close. The group behind the REvil software demanded a ransom of $ 70 million in the digital currency Bitcoin. In addition, the blackmailers are said to be responsible for the cyber attack on the Colonial Pipeline in May of this year.

The suspect in focus is said to be a Russian citizen who lives in a large city in the south of the country.

According to the investigators, he should "undoubtedly" belong to the core group of REvil and its alleged predecessor Gandcrab.

Reporters from the BR and from "Zeit Online" had found evidence that the suspect had received money that is said to come directly from ransomware cases.

Investigators do not comment

Neither the investigating authorities, in the case the Federal Criminal Police Office and the State Criminal Police Office of Baden-Württemberg, nor the Stuttgart public prosecutor's office wanted to comment on the media's request.

Even the suspect did not respond to multiple inquiries.

In the online networks, the man presented himself as a trader in cryptocurrencies with a luxurious lifestyle, for example with expensive sports cars, designer clothes and luxury travel.

As long as he is in Russia, however, he cannot be arrested by German prosecutors.

According to the Reuters news agency, US judicial authorities together with IT experts managed to hack parts of the criminal group's infrastructure last week.

Since then, the website has also been said to have been paralyzed.