The following interview, which we publish in full, was conducted in July2025 by Erez, a member of the deepdarkCTI community.

Q (Erez): Devman first appeared in April 2025 and, only two months later, released Devman 2, what drove that rapid evolution and which lessons from version 1 pushed you to move so quickly to version 2?

A (Devman): Nothing much really v1 was used amongst me and some close affiliates, we have uncovered the new technical aspects that we would need for a more comfortable work, since v1 was never actually ment to stick around for long, it was developed in cpp, but now for optimisation and better obfuscation we did change to rust.

Q (Erez): Researchers have traced code and infrastructure links between Devman and DragonForce. Do you have any relationship to the DragonForce group?

A (Devman): That’s a funny story, yes we did work with DF, there was one miraculously dumb researcher, I think he was Pakistani, or from another Stan country, he absolutely would not get of my dick, constantly banging with new tox accounts, even claiming he had accesses and wanted the build, so I just went into the DF panel, and made him a broken build, the mf was so happy to see our build, but yeah we played him. DF is surely an interesting RAAS, and we
sometimes talk with the admin; he is a good guy.

Q (Erez): Your affiliate program offers a 90/10 split when partners bring their own access, 70/30 when they rely on yours, and it withholds the locker on a new affiliate’s first job while an internal member deploys it. How do you enforce those terms, protect the code, and keep amateurs out?

A (Devman): It is fairly simple: if you don’t pass the «vibe» check, then we won’t work with you. You have to be either Jewish or from the CIS to work with us; it’s best if you are a Jew from the CIS region. We won’t assign a newbie to handle our locker; they will only gain access to the panel once a trusted member of our team has authorised the access and confidently confirms that it was legitimate. We are forced to do this because we had to redevelop the Devman compiler of our code basically from scratch to ensure the necessary obfuscation was
achieved.

Q (Erez): The RAAS rules also openly encourage attacks on critical infrastructure outside the CIS region and set minimum revenue thresholds of USD 100 million, or USD 50 million in healthcare, why pursue such high-profile targets despite the sharpened law-enforcement spotlight?

A (Devman): Because they pay. My good old friend once told me that a ransom is essentially a job of 5 payouts for an affiliate. That’s why we focus on HVT – it’s simple: they pay.

Q (Erez): Researchers found that your build encrypts its own ransom note, breaking the payment path. Was that an intentional anti-analysis tactic or an oversight?

A (Devman): Yeah, as I have claimed, we tricked them into this by giving them the build, if I am not mistaken, the researcher wanted to lock www.ciming.com.cn, which we immediately understood was a fake.

Q (Erez): Some Telegram channels published personal data about you. What is your response to the claims that your real identity is exposed?

A (Devman): Well, it was not, gang exposed thinks I am Oleg Nefedov, who allegedly is Trump from Conti, when I am not Trump, but yep, I was in Conti.

Q (Erez): Where does Devman stand on attacking Israeli or Jewish-owned organisations and what factors shape that attitude?

A (Devman): We don’t, Israel is the land of all jews around the world, so it is simple, don’t shit from where your origins come from. I donate a percentage of my income to IDF-affiliated funds.

Q (Erez): When a victim refuses to pay, is that a significant financial hit for you or simply an accepted loss? How do you measure that impact?

A (Devman): No, it is not, it is just us losing some time, and then we might select some data we will sell to our data broker. Any corp is a win for us.

Q (Erez): Global agencies are pooling resources to track ransomware leaders. Are you happy living under constant pressure, and do you have an exit plan if the chase closes in?

A (Devman): Yep I am fairly happy, I do not see any wrongdoing in what I am doing, moreover, I am in a place where eu and us law enforcement can’t do shit, their maximum is to put me on a wanted poster, and hope that I will once decide to go to the country they can get me from.

Q (Erez): Every individual, even on unconventional paths, draws inspiration from
somewhere. is there a particular book, film, or figure that shaped your worldview or influenced your approach?

A (Devman): Honestly – Последний Оплот Безопасности, you should watch some of the videos the guy posts, he is truly a narrator from god.

Q (Erez): What is the weirdest request you have ever received from a victim during negotiations?

A (Devman): A US-based optics contractor was trying to get my name and said that I should enjoy the money, but I will find you. Which was really odd; he also really wanted to have a phone call, probably he got dragged out of the monitor, because later a much more sensible person started negotiating.

Q (Erez): Do you have any final words or messages you would like to share with my 38k followers, whether advice or something else?

A (Devman): If you are Jewish, stick with other Jewish people.