AI Alert
deep-dive

The Gentlemen Ransomware: AI-Assisted Development, 332 Victims, and the OSINT Trail That Exposed a Russian Admin

Security researchers have identified the suspected administrator of The Gentlemen, the world's second-most-active RaaS by victim count, as a Russian national from Izhevsk — with internal chat leaks revealing the group used abliterated LLMs to accelerate ransomware development.

By AI Alert Desk · 8 min read

Security researchers have identified the suspected administrator of The Gentlemen ransomware operation as Alexander Andreevich Yapaev, 36, a resident of Izhevsk, Russia, after an internal chat leak exposed the group’s backend communications and an OSINT trail connected multiple cybercrime forum aliases to a publicly visible LinkedIn profile. As of June 2026, The Gentlemen ranks as the second most active ransomware-as-a-service operation globally by victim count, with more than 332 victims published to its data leak site since the group launched in mid-2025.

The investigation, published June 10 by KrebsOnSecurity and corroborated by KELA Cyber’s May 2026 analysis of the leaked chat logs, revealed a detail with particular relevance for AI infrastructure defenders: the group’s internal communications show its developers used “abliterated” large language models — open-source models with safety filters surgically removed — to accelerate ransomware development and post-exploitation tooling.

Scope and Market Position

From its mid-2025 launch through May 2026, The Gentlemen claimed approximately 328 victims, representing roughly 10 percent of global ransomware claims during that period, according to KELA’s analysis of the internal leak. By early June, that total had grown to more than 332 published victims, with over 240 of those in 2026 alone. The group sits behind Qilin in total victim count and ahead of every other active RaaS operation.

The affiliate model is structured aggressively: affiliates retain 90 percent of any ransom payment; the core team collects 10 percent. The administrator — operating as “zeta88” in internal channels — manages that cut. Krebs’s investigation identified the alias “Hastalamuerte” as an additional handle for the same operator. By contrast, LockBit historically offered affiliates 80 percent; the 90/10 split has helped The Gentlemen rapidly attract a pool of experienced intrusion operators seeking better terms.

From the internal chat logs, KELA identified the following division of labor: Wick handles initial intrusion, mAst3r handles target selection, and Kunder validates access before the group commits to full encryption.

Timeline

  • Mid-2025: The Gentlemen launches. First victims published to Tor data leak site.
  • Early 2026: Group surpasses 240 victims in 2026 alone; claims approximately 10 percent of global RaaS victim share.
  • May 14, 2026: KELA Cyber publishes analysis of internal chat leak, documenting TTPs, tooling inventory, and organizational structure.
  • June 10, 2026: KrebsOnSecurity publishes attribution investigation connecting the Hastalamuerte and Zeta88 aliases to Alexander Andreevich Yapaev of Izhevsk, Russia.
  • June 12, 2026: No public law enforcement action announced. Group remains active.

Entry Vectors and Technical TTPs

KELA’s analysis of the chat leak identified a consistent initial access playbook: the group targets internet-facing network perimeter devices — VPN concentrators and firewalls — exploiting known, patched CVEs rather than novel zero-days.

The vulnerabilities identified in KELA’s analysis include:

CVE-2024-55591: FortiOS/FortiProxy authentication bypass (CVSS 9.8, Critical; CWE-288). Crafted requests to the Node.js websocket module of the administrative interface bypass authentication and grant an unauthenticated remote attacker super-administrator privileges. Affected versions: FortiOS 7.0.0 through 7.0.16, FortiProxy 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12. CISA added it to the Known Exploited Vulnerabilities catalog in January 2025 with a mandatory remediation deadline. Organizations that did not patch remain exposed to the group's initial access workflow.

CVE-2025-32433: Erlang/OTP SSH unauthenticated RCE (CVSS 10.0, Critical; CWE-306). The SSH server in Erlang/OTP processes SSH connection-protocol messages before authentication has completed, so a client that never authenticates can execute code in the context of the SSH daemon. The 10.0 score reflects the absence of prerequisites: no credentials, no prior access, no user interaction. Affected: all Erlang/OTP releases before 27.3.3, 26.2.5.11 and 25.3.2.20. CISA's remediation deadline was June 30, 2025. Erlang/OTP is embedded in Cisco network software, including IOS-XR, and in Ericsson telecommunications systems; any unpatched Erlang SSH endpoint is a direct entry point.

CVE-2023-34039: VMware Aria Operations for Networks authentication bypass (CVSS 9.8, Critical). The appliance did not generate unique SSH keys per installation, so an attacker with network reachability can bypass SSH authentication and reach the appliance CLI without valid credentials. KELA's analysis lists it among the CVEs the group's intrusion actors exploit.

Beyond CVE-based entry, KELA notes the group maintains fluency in classic Active Directory exploitation: PetitPotam (MS-EFSRPC authentication coercion, originally unauthenticated, whose coerced machine-account NTLM authentication is relayed onward, typically to AD CS), PrinterBug (MS-RPRN/SpoolSS coercion), and ZeroLogon (CVE-2020-1472, a Netlogon cryptographic flaw that yields direct domain controller compromise). Post-access privilege escalation proceeds via iDRAC/IPMI out-of-band management interfaces on bare-metal servers and via Veeam backup server exploitation; the latter provides both credential material and the ability to destroy backup repositories before ransom delivery.

Post-exploitation tooling documented in the leak includes a custom ZeroPulse lateral movement tool, Amnezia VPN and WireGuard for encrypted C2 tunneling, and Cloudflare ZeroTrust for egress masking. Affiliates’ C2 infrastructure is hosted on bulletproof VPS providers 4vps.su and JustHost.asia. Internal communications route through a self-hosted Rocket.Chat instance on a .onion domain, with secondary coordination channels on Tox, Session, and Element.
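The tunnelling described above is what a network hunt has to surface, and the mix of stock WireGuard and Amnezia VPN matters for how. The following is an added example written for this page, not tooling from the article, KELA or the group: a payload check for stock WireGuard (fixed 4-byte header of a type byte plus three reserved zeros, fixed handshake lengths) paired with a payload-agnostic flow heuristic, because AmneziaWG, the protocol behind Amnezia VPN, randomizes those header bytes and prepends junk packets specifically to defeat the signature. All packets, flow records, address ranges, the allowlist and the thresholds are constructed assumptions.

```python
"""Hunt for WireGuard-style C2 tunnels leaving the network (added example, constructed data)."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

# Stock WireGuard handshake-phase messages: type byte -> (name, total UDP payload length)
WG_FIXED = {1: ("handshake-initiation", 148), 2: ("handshake-response", 92), 3: ("cookie-reply", 64)}


def classify_wireguard(payload: bytes) -> str | None:
    """Name the stock-WireGuard message carried by a UDP payload, or None if it does not match."""
    # Every stock message is at least 32 bytes and carries three reserved zero bytes after the type.
    if len(payload) < 32 or payload[1:4] != b"\x00\x00\x00":
        return None
    mtype = payload[0]
    if mtype in WG_FIXED:
        name, size = WG_FIXED[mtype]
        return name if len(payload) == size else None
    # Type 4 transport data: 16-byte header, then ciphertext padded to a 16-byte multiple
    # plus a 16-byte Poly1305 tag, so (len - 16) is a positive multiple of 16.
    if mtype == 4 and (len(payload) - 16) % 16 == 0:
        return "transport-data"
    return None


@dataclass(frozen=True)
class Flow:
    """One summarized UDP conversation, as a flow collector or Zeek conn.log would report it."""
    src: str
    dst: str
    dport: int
    duration_s: float
    bytes_out: int
    bytes_in: int


INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def hunt_udp_tunnels(flows, allowlist, min_duration_s=600, min_bytes=1_000_000):
    """Flag long-lived, high-volume UDP flows from internal hosts to unsanctioned external peers.

    Deliberately ignores port and payload: a WireGuard or AmneziaWG tunnel can sit on any UDP
    port, and AmneziaWG carries no stable signature for classify_wireguard() to match.
    """
    out = []
    for f in flows:
        if not is_internal(f.src) or is_internal(f.dst) or f.dst in allowlist:
            continue
        if f.duration_s >= min_duration_s and f.bytes_out + f.bytes_in >= min_bytes:
            out.append(f)
    return out


# Constructed samples. Handshake bodies are zero-filled placeholders of the right length.
SAMPLE_WG_INIT = bytes([1, 0, 0, 0]) + bytes(144)
# AmneziaWG-style initiation: randomized header value and junk padding, so no stock signature.
SAMPLE_AWG_INIT = bytes([0x7A, 0x13, 0x00, 0x00]) + bytes(210)

SANCTIONED_VPN = {"203.0.113.2"}  # the organisation's own WireGuard concentrator (assumed)
SAMPLE_FLOWS = [
    Flow("10.20.5.17", "203.0.113.44", 51820, 3600.0, 52_000_000, 3_100_000),  # default WG port
    Flow("10.20.5.17", "198.51.100.9", 443, 1800.0, 9_400_000, 600_000),       # tunnel on udp/443
    Flow("10.20.5.30", "203.0.113.2", 51820, 7200.0, 80_000_000, 5_000_000),   # sanctioned VPN
    Flow("10.20.5.31", "198.51.100.53", 53, 0.02, 120, 240),                    # ordinary DNS
    Flow("10.20.5.31", "10.20.9.1", 51820, 5000.0, 30_000_000, 2_000_000),      # internal only
]

if __name__ == "__main__":
    print("stock WireGuard:", classify_wireguard(SAMPLE_WG_INIT))
    print("AmneziaWG-style:", classify_wireguard(SAMPLE_AWG_INIT))
    for f in hunt_udp_tunnels(SAMPLE_FLOWS, SANCTIONED_VPN):
        total = f.bytes_out + f.bytes_in
        print(f"suspect tunnel {f.src} -> {f.dst}:{f.dport} ({f.duration_s:.0f}s, {total} bytes)")
```

The flow heuristic is the layer that survives Amnezia's obfuscation; the signature check is only useful for affiliates who deploy plain WireGuard. Tune the duration and byte thresholds against a baseline of your own egress, and keep the allowlist to concentrators you actually operate.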

Ransomware delivery occurs within hours of initial access. KELA’s analysis describes the group moving from perimeter exploitation to full domain encryption inside a single operational window.

The AI Development Pipeline

The detail that most distinguishes The Gentlemen from peer RaaS operations is documented in the internal chat logs: the core team used “abliterated” language models for ransomware development and post-exploitation tooling.

An abliterated LLM is an open-source model — Llama, Mistral, or similar — that has had its refusal behavior removed through representation engineering or targeted fine-tuning. The technique, publicly documented starting in 2024, does not require retraining from scratch. It identifies and suppresses the internal activation vectors that produce refusal behavior, leaving the model’s underlying capabilities intact but removing its reluctance to assist with offensive content. The resulting model generates working exploit code, assists with evasion logic, and debugs C2 tooling without the safety constraints present in commercially deployed APIs.

KELA’s summary of the chat logs describes this practice in the group’s own terminology as “AI vibe-coding” — a phrase that captures the workflow: rapid, iterative development with an AI assistant that accepts any task. The group ran these models locally on their own infrastructure, avoiding the logging, rate-limiting, and provider telemetry associated with commercial API access.

The operational implication is material. AI-assisted development compresses the time from concept to deployable tool. For a RaaS operation, this matters in two ways: the core team iterates faster on evasion and encryption logic, and affiliates with limited technical depth receive AI-assisted tooling that bridges the skill gap between initial access and full ransomware deployment.

The Attribution Trail

The operator’s tradecraft failed in a pattern that is common among mid-tier threat actors: consistent username reuse across a decade of activity, combined with a failure to compartmentalize real-world identity from criminal infrastructure.

KELA’s chat leak analysis identified the administrator operating as “zeta88.” KrebsOnSecurity’s investigation connected zeta88 to “Hastalamuerte” via forum registration patterns and traced Hastalamuerte to accounts across at least seven cybercrime forums — Raidforums, Breachforums, Exploit, Nulled, Codeby, BHF, and RAMP_V2 — registered from 2019 through 2025.

The numeric strings embedded in the handles, 1488 in the operator's ProtonMail address and 18 in the Telegram handle @hastalamuerte18, are numeric codes associated with white supremacist symbolism and served as consistent markers across platforms.

The GitHub account SantaMuerte, linked by Krebs’s investigation to the same operator, maintained a public commit history that exposed development activity timelines. That account cross-referenced with a Pikabu social account (4apai18) that contained personal location details. The final link: a LinkedIn profile under the operator’s real name listing employment as a B2B marketing head at Uralenergo Udmurtia, an electrotechnical supplier headquartered in Izhevsk, Udmurt Republic, Russia. The same Russian phone number appeared across the account registrations.

No Russian law enforcement action has been announced. Russia does not extradite its own nationals, so foreign charges alone will not reach the operator while he remains in the country.

Original Analysis: What the AI-Assisted RaaS Model Signals to AI Infrastructure Defenders

The Gentlemen’s documented use of abliterated LLMs in its development pipeline is not an isolated incident. It is confirmation of a shift that threat intelligence teams should now treat as a baseline assumption: top-tier ransomware operations are running locally-hosted jailbroken models, and that tooling leaves no commercial API footprint.

The barrier to entry is low. Running an abliterated 13-to-30-billion-parameter model locally requires approximately $500 to $2,000 in GPU hardware and readily available published weights. For a RaaS operation generating millions in ransom payments, this is rounding error. The question is not whether threat actors are using AI tooling. The question is what targets that tooling is being directed at.

The CVE selection in The Gentlemen's playbook answers that question directly. CVE-2024-55591 (FortiOS) and CVE-2025-32433 (Erlang/OTP) are not generic enterprise perimeter vulnerabilities; they sit in front of the infrastructure that AI compute depends on. Organizations running large GPU clusters frequently front them with FortiGate firewalls and manage them through Cisco network software that embeds Erlang/OTP. A ransomware actor that takes the FortiOS management plane via CVE-2024-55591 and pivots to an exposed Erlang SSH service via CVE-2025-32433 can reach the hypervisor layer, storage subsystems, and the compute nodes themselves.

The damage profile from encrypting a GPU cluster mid-training run — combined with destroying Veeam backups, as this group’s documented TTPs include — is categorically different from encrypting office workstations. Model checkpoints, training datasets, and inference infrastructure represent months of investment. Recovery from offline tapes alone involves operational disruption that extends well beyond any ransom negotiation timeline.

There is a counter-argument worth stating plainly. The AI-assisted development approach may be producing brittle, inconsistently validated code. KELA’s leak analysis does not suggest The Gentlemen is deploying novel cryptographic schemes or custom implants that resist forensic analysis. The CVEs they exploit are one to three years old, publicly documented, and carry CISA KEV designations that should have triggered mandatory remediation before this group was even active. The AI tooling appears to be helping affiliates move faster and more confidently, not fundamentally expanding the vulnerability surface.

The practical implication: organizations that maintained disciplined vulnerability management against CISA KEV deadlines are largely outside this group’s accessible target pool. The Gentlemen are reaching places where basic hygiene failed. The AI component accelerates exploitation of known vulnerabilities; it does not create new ones.

The attribution failure offers a separate lesson. The operator ran AI-assisted development on local infrastructure but maintained a decade-old alias trail with consistent, distinctive markers spanning commercial (LinkedIn, GitHub) and criminal (Breachforums, Exploit) contexts. AI tooling did not assist with operational security. The pattern is consistent with what has been documented in Russian-speaking cybercriminal ecosystems: technical capability combined with persistent identity hygiene failures — username reuse, real-world professional identity left publicly indexed, and forum account histories that provide a rich OSINT corpus years before the criminal operation that depends on them.

For AI security practitioners, The Gentlemen case establishes several working data points. AI-assisted ransomware development via abliterated models is confirmed at the top-tier level. The CVEs targeted include critical gateway vulnerabilities for AI compute infrastructure. And because locally-run models leave no provider-side logs, detection cannot rely on LLM API telemetry; it must rely on endpoint and network observability of the lateral movement and exploitation phases that follow. For more on the offensive AI security surface — including how abliterated models figure in red team tooling and attack chain development — see aisec.blog.

What Defenders Should Do

  1. Patch CVE-2024-55591 immediately. Any FortiOS instance running versions 7.0.0-7.0.16 or FortiProxy 7.0.0-7.0.19 / 7.2.0-7.2.12 is actively targeted. CISA’s remediation deadline was January 21, 2025. Upgrade to FortiOS 7.0.17+ or FortiProxy 7.0.20+ / 7.2.13+. If patching within 7 days is not feasible, disable the administrative web interface from untrusted networks immediately.

  2. Audit and patch Erlang/OTP deployments within 7 days. CVE-2025-32433 (CVSS 10.0) affects all Erlang/OTP versions prior to 27.3.3, 26.2.5.11, and 25.3.2.20. Scope includes any Cisco IOS-XR device, Ericsson network equipment, and custom Erlang applications that expose SSH. Patch or disable the SSH server component where it is not operationally required.

  3. Restrict management plane exposure. The Gentlemen’s initial access playbook requires access to administrative interfaces. Move FortiGate, iDRAC, IPMI, and similar management surfaces behind dedicated out-of-band management networks that are not reachable from general internal subnets or the internet. Require hardware MFA for remote administrative access.

  4. Harden backup infrastructure against this group’s documented Veeam targeting. Backup repositories should be network-isolated from the systems they protect and should require separate, non-domain credentials. Immutable backup storage — on-premises or cloud — removes the leverage that backup destruction provides in ransom negotiation.

  5. Hunt for ZeroPulse and Amnezia VPN indicators. Endpoint telemetry and network flow data showing unexpected WireGuard or Amnezia VPN traffic from internal hosts, or lateral movement patterns consistent with PetitPotam/PrinterBug AD coercion, warrants immediate investigation. The group’s full post-exploitation chain is documented in KELA’s analysis.
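Recommendations 1 and 2 both reduce to the same inventory question: which assets sit inside the affected ranges? The script below is an added example written for this page, not a tool from the article, KELA, CISA or the vendors. It encodes only the ranges stated above (FortiOS 7.0.0-7.0.16 and FortiProxy 7.0.0-7.0.19 / 7.2.0-7.2.12 for CVE-2024-55591; Erlang/OTP before 27.3.3, 26.2.5.11 and 25.3.2.20 for CVE-2025-32433) and handles the edge cases a naive string compare gets wrong: per-series fixed versions, short version strings such as 7.2, and OTP series that never received a fix. Treating OTP series newer than 27 as patched is an assumption the page does not state, and the inventory is constructed.

```python
"""Triage an asset inventory against CVE-2024-55591 and CVE-2025-32433 (added example)."""
from __future__ import annotations


def parse_version(text: str) -> tuple[int, ...]:
    """'7.0.16' -> (7, 0, 16); 'OTP-26.2.5.11' or 'v26.2.5.11' -> (26, 2, 5, 11)."""
    body = text.strip().removeprefix("OTP-").lstrip("vV")
    return tuple(int(part) for part in body.split("."))


def _pad(v: tuple[int, ...], n: int) -> tuple[int, ...]:
    return v + (0,) * (n - len(v))


def version_lt(a: tuple[int, ...], b: tuple[int, ...]) -> bool:
    """Component-wise compare that treats 7.2 as 7.2.0 (plain tuple compare would not)."""
    n = max(len(a), len(b))
    return _pad(a, n) < _pad(b, n)


def version_le(a: tuple[int, ...], b: tuple[int, ...]) -> bool:
    return not version_lt(b, a)


# CVE-2024-55591: (product, first affected, last affected, first fixed) from the ranges above
FORTI_AFFECTED = [
    ("FortiOS", (7, 0, 0), (7, 0, 16), "7.0.17"),
    ("FortiProxy", (7, 0, 0), (7, 0, 19), "7.0.20"),
    ("FortiProxy", (7, 2, 0), (7, 2, 12), "7.2.13"),
]

# CVE-2025-32433: first fixed release for each OTP series that received the fix
OTP_FIXED = {27: (27, 3, 3), 26: (26, 2, 5, 11), 25: (25, 3, 2, 20)}


def cve_2024_55591_fix(product: str, version: str) -> str | None:
    """Return the first fixed release if (product, version) is affected, else None."""
    v = parse_version(version)
    for prod, lo, hi, fix in FORTI_AFFECTED:
        if prod == product and version_le(lo, v) and version_le(v, hi):
            return fix
    return None


def cve_2025_32433_fix(version: str) -> str | None:
    """Return the fixed release for the OTP series if the version is affected, else None.

    Series older than 25 never received the fix and are reported as affected. Series newer
    than 27 are treated as patched because they shipped after the fix (an assumption).
    """
    v = parse_version(version)
    major = v[0]
    if major in OTP_FIXED:
        fixed = OTP_FIXED[major]
        return ".".join(map(str, fixed)) if version_lt(v, fixed) else None
    if major < min(OTP_FIXED):
        return "upgrade to a maintained series"
    return None


def triage(inventory: list[dict]) -> list[dict]:
    """One finding per affected inventory entry; products outside scope are skipped."""
    findings = []
    for item in inventory:
        prod, ver = item["product"], item["version"]
        if prod in ("FortiOS", "FortiProxy"):
            cve, fix = "CVE-2024-55591", cve_2024_55591_fix(prod, ver)
        elif prod == "Erlang/OTP":
            cve, fix = "CVE-2025-32433", cve_2025_32433_fix(ver)
        else:
            continue
        if fix:
            findings.append({"host": item["host"], "cve": cve, "version": ver, "fix": fix})
    return findings


# Constructed inventory; hostnames and versions are illustrative only.
INVENTORY = [
    {"host": "fw-edge-01", "product": "FortiOS", "version": "7.0.16"},
    {"host": "fw-edge-02", "product": "FortiOS", "version": "7.0.17"},
    {"host": "proxy-01", "product": "FortiProxy", "version": "7.2.12"},
    {"host": "proxy-02", "product": "FortiProxy", "version": "7.4.1"},
    {"host": "nso-01", "product": "Erlang/OTP", "version": "OTP-26.2.5.10"},
    {"host": "rabbit-01", "product": "Erlang/OTP", "version": "26.2.5.11"},
    {"host": "legacy-01", "product": "Erlang/OTP", "version": "24.3.4"},
    {"host": "switch-01", "product": "IOS-XR", "version": "7.9.2"},
]

if __name__ == "__main__":
    for f in triage(INVENTORY):
        print(f"{f['host']}: {f['cve']} (running {f['version']}, fix: {f['fix']})")
```

Feed it the export from whatever inventory or CMDB you trust, and treat a hit on a FortiGate with an internet-reachable administrative interface as the top of the queue, since that is the group's documented first step.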

Sources

  1. Who Runs the Ransomware Group 'The Gentlemen?' — KrebsOnSecurity
  2. Inside The Gentlemen Leak — KELA Cyber Intelligence
  3. CVE-2024-55591 — NVD
  4. CVE-2025-32433 — NVD