The first week of April 2026 witnessed a surge in cybersecurity incidents, from sophisticated AI-driven phishing to critical infrastructure attacks. This roundup explores these threats in detail, offering insights and recommendations for staying secure.
Ransomware and Cybercrime Investigations
German authorities have identified two suspects linked to the REvil and GandCrab ransomware gangs. Daniil Shchukin (alias ‘UNKN’) and Anatoly Kravchuk, believed to be in Russia, are wanted for orchestrating around 24 attacks. These attacks extorted approximately $2.3 million and caused $40 million in damages. REvil, dismantled in 2021, was notorious for high-profile attacks. This investigation follows broader European efforts to target Russian cybercrime networks, including Black Basta.
The FBI’s 2025 Internet Crime Report, released in April 2026, highlights ransomware as a top threat. Akira, Qilin, and Play are among the most reported variants. Critical sectors like healthcare, manufacturing, and government were heavily targeted, emphasizing the need for enhanced security measures. The report indicates that despite arrests, legal proceedings in Russia have stalled, leaving many suspects at large.
Ransomware and Cybercrime Investigations
German authorities have unmasked two suspects linked to the REvil and GandCrab ransomware gangs, identified as Daniil Shchukin and Anatoly Kravchuk. The duo, believed to be in Russia, are wanted for orchestrating ~24 attacks that extorted $2.3 million and caused $40 million in damages. This follows broader European efforts to target Russian cybercrime networks, including Black Basta.
REvil, dismantled in 2021, was notorious for high-profile attacks, such as those on Kaseya and Lady Gaga’s law firm. Despite arrests in Russia in 2022, legal proceedings have stalled, leaving many suspects at large. The FBI’s 2025 Internet Crime Report highlights ransomware as a top threat, with Akira, Qilin, and Play among the most reported variants. Critical sectors like healthcare, manufacturing, and government were heavily targeted.
The FBI’s report also underscores the significant financial impact of ransomware. In 2025, ransomware attacks resulted in losses exceeding $3.05 billion, making it one of the most financially damaging forms of cybercrime. The report emphasizes the need for robust cybersecurity measures and international cooperation to combat this growing threat.
Scams and Social Engineering Attacks
The Social Security Administration (SSA) warned of a surge in phishing emails impersonating official communications. Scammers exploit themes like cost-of-living adjustments or tax documents to steal personal data. The SSA advises verifying sender addresses and never providing personal info via email. Yahoo Finance.
In Nebraska, fraudsters sent texts/emails claiming unpaid fines, threatening penalties unless victims clicked malicious links. Nebraska courts do not send automated texts for fines. Nebraska.tv.
Thailand reported 7,366 online scam cases in early April 2026, with losses of ~$1.24 million. Job scams and fake goods scams were dominant. Authorities froze $6.2 million in transfers and arrested 16 suspects. Vietnam Plus.
Voice phishing (vishing) targeted a South Korean TV personality’s wife, claiming her bank account was tied to a crime. Such scams often combine deepfake voice tech with social engineering. MK News.
The FBI’s 2025 IC3 Report revealed $20.9 billion in cybercrime losses, with investment scams ($8.65B) and business email compromise ($3.05B) topping the list. Victims over 60 accounted for 37% of losses ($7.75B). Phishing remained the most reported crime. CyberScoop.
Critical Infrastructure Disruptions
A cyberattack on the C2K network in Northern Ireland disrupted access to learning platforms during the Easter break. Thousands of students were forced to return to school to reset passwords in person. The Education Authority worked to restore access, but some systems remained disrupted. The cyberattack was not a simple disruption but a serious breach. Many students lost access to essential coursework and study materials.
Final words
The cybersecurity landscape of April 2026 highlights the evolving nature of threats, from sophisticated AI-driven phishing to ransomware attacks and scams. Organizations and individuals must remain vigilant, employing robust security measures and staying informed about the latest tactics used by cybercriminals. For more detailed guidance, refer to the FBI IC3 Report and other resources mentioned.