Krebs on Security reports that the rapidly growing ransomware-as-a-service operation known as The Gentlemen was linked to a Russian national identified as Alexander Andreevich Yapaev. The group has quickly become the second most active ransomware gang by victim count, largely due to an aggressive affiliate recruitment strategy offering a 90% revenue share.
The Gentlemen ransomware group, identified by Check Point Software, operates on a ransomware-as-a-service model, attracting skilled hackers with an unusually high 90/10 affiliate revenue split. This strategy has propelled them to become the second most active ransomware gang, with at least 332 published victims since mid-2025.
The group targets internet-facing devices like VPNs and firewalls for initial access, rapidly encrypting entire networks within hours. Investigations by Check Point and Intel 471 suggest the administrator, known online as Zeta88 and previously Hastalamuerte, is likely
Alexander Andreevich Yapaev, a 36-year-old from Izhevsk, Russia. Evidence includes linked email addresses, phone numbers, and social media profiles, with Yapaev also listing a professional role as head of B2B marketing at Uralenergo Udmurtia. Russian cybercriminals often operate with relative impunity due to government non-interference, provided they do not target domestic entities.
Kelley Damore is Chief Content Officer at CyberRisk Alliance, where she leads content strategy across the company’s digital brands, research, communities and live events serving CISOs and security practitioners. At CyberRisk Alliance, she is focused on delivering 365-day engagement, trusted journalism and actionable insights to help security leaders navigate an increasingly complex threat landscape.
Kelley Damore is Chief Content Officer at CyberRisk Alliance, where she leads content strategy across the company’s digital brands, research, communities and live events serving CISOs and security practitioners. At CyberRisk Alliance, she is focused on delivering 365-day engagement, trusted journalism and actionable insights to help security leaders navigate an increasingly complex threat landscape.
Registering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
