Who Runs the Ransomware Group 'The Gentlemen?'
krebsonsecurity.com
June 11, 2026
5 min read
π₯π₯π₯π₯π₯
46/100
Summary
The Gentlemen ransomware group has become the second most active gang by victim count, attracting skilled hackers with a recruitment strategy that offers affiliates 90 percent of ransoms. Security experts are investigating clues that may reveal the real identity of the group's administrator.
Key Takeaways
- The Gentlemen is the second most active ransomware group by victim count, with at least 332 published victims since its inception in mid-2025 and over 240 in 2026 alone.
- The group offers a 90/10 revenue split to affiliates, attracting experienced hackers and accelerating its growth compared to the industry standard of 80/20.
- The primary operator of The Gentlemen, known as Zeta88 or Hastalamuerte, manages the ransomware-as-a-service platform and receives 10 percent of all ransoms paid.
- Zeta88 has been linked to various cybercrime forums and is associated with a phone number connected to a 36-year-old individual named Alexander Andreevich Yapaev from Izhevsk, Russia.
Community Sentiment
Positives
- The mention of unrestricted AI models suggests that advanced AI capabilities could be misused for penetration testing, highlighting the dual-use nature of AI technology.
Concerns
- The potential for hackers to leverage AI for malicious activities raises serious ethical concerns about AI safety and the implications for cybersecurity.