High-level intervention commander Oleg Nefyodov, the leader of the notorious Black Basta group, who is wanted by the International Criminal Police Organization (ICPO) and US authorities, has been detained in Armenia. However, the delay in the court decision allowed him to escape, and he later boasted of his “high-level” contacts. His escape caused an international outcry and raised new questions about the cooperation between cybercriminals and state agencies.
Intel 471 analysts’ investigation linked the identity of the leader of Black Basta to Oleg Nefyodov. Leaks of the group’s internal communications allowed them to gather evidence of his involvement in the world of cybercrime. He was detained in Armenia on June 21, 2024. Within 72 hours, the prosecutor’s office filed a motion for temporary detention, but the judge’s decision was not made in time. Nefedov’s lawyer requested a short break, during which the defendant was allowed to go for a walk, which he used to escape. The judge then ordered his arrest, but it was too late. According to the leaked chat, he told other members of the group that his release was secured by “very high-status” friends. He referred to the “green light” that allowed him to be picked up so quickly. He also reportedly has contacts with influential people who control large companies and can ensure that he is not prevented from crossing the border.
The leaked Black Basta chat also revealed that he rented an office in Moscow where developers, malware operators, and network penetration experts worked. One of the partners, Qakbot virus creator Chuck, was involved in joint transactions with GG, including the purchase of real estate in Dubai. This evidence confirms that Black Basta operated as an organized crime group with a clear division of labor, financing, and global operations. The cybercrime group has long maintained ties with state authorities. Intel471 experts note that Russian intelligence agencies sometimes use hackers to carry out their activities in exchange for immunity.
Oleg Nefyodov’s escape shows how difficult it is to fight cybercrime when hackers are supported.
60 
80 
81 