Nikolay Kichatov

Cyber Intelligence Analyst, Group-IB (APAC)

Nikolai Kichatov is a Cyber Intelligence Analyst at Group-IB, where he has been making significant contributions since 2020. Specializing in ransomware attack methodologies and the intricate structures of cybercriminal groups, Nikolai delves deep into the interactions between these groups and entities involved in malware delivery and access acquisition.

Nikolai’s expertise includes TTPs, IOCs, hunting C2 servers, and attributing attacks to threat groups. His investigative efforts have led to successful infiltrations of ransomware groups, providing invaluable insights into their operations. Nikolai has documented his detailed experiences with the Qilin Ransomware group, showcasing his ability to uncover their tactics, techniques, and procedures. Additionally, he has gathered critical information about the leadership of the Nokoyawa ransomware group, highlighting his skill in penetrating these covert organizations.

Nikolai holds a bachelor’s degree in Information Security of Telecommunication Systems, which he completed in 2022. His commitment to cybersecurity is reflected in his deep understanding of cybercriminal activities and his proactive approach to threat analysis.

Awards and recognitions

Nikolay holds multiple Group-IB achievement coins for his outstanding contributions to threat research and product development:

GIB Star Achievement coin

GIB STAR challenge coin – For significant achievements, large-scale projects, and developing new lines of business throughout the year.

Blog posts by Nikolay Kichatov

Ransomware
January 28, 2025
Cat’s out of the bag: Lynx Ransomware-as-a-Service
In this blog, we observed how the Lynx Ransomware-as-a-Service (RaaS) group operates, detailing the workflow of their affiliates within the panel, their cross-platform ransomware arsenal, customizable encryption modes, and advanced technical capabilities.
Threat Intelligence
October 17, 2024
Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group
In this blog, we observed how the Cicada3301 Ransomware-as-a-Service (RaaS) group operates, detailing the workflow of their affiliates within the panel and examining the Windows, Linux, ESXi, and PowerPC variants of the ransomware.
Ransomware
September 25, 2024
Inside the Dragon: DragonForce Ransomware Group
In this blog, we look at the DragonForce ransomware group, which poses a severe threat with two variants—a LockBit fork and a customized Conti fork with advanced features and SystemBC malware.
Ransomware
July 3, 2024
Eldorado Ransomware: The New Golden Empire of Cybercrime?
All about Eldorado Ransomware and how its affiliates make their own samples for distribution.
Threat Intelligence
November 8, 2023
Ransomware manager: Investigation into farnetwork, a threat actor linked to five strains of ransomware
Take a deep dive into the operations of one of the most active players in the Ransomware-as-a-Service market.
Ransomware
May 15, 2023
The Qilin Ransomware: Analysis and Protection Strategies
All you need to know about Qilin ransomware and its operations targeting critical sectors.