Russian national charged with ransomware attacks

The attacks targeted law enforcement agencies and other vital sectors

The Justice Department has unsealed two indictments charging a Russian national named Mikhail Pavlovich Matveev with using three different ransomware variants to attack numerous victims in the United States. Matveev, also known as Wazawaka, m1x, Boriselcin, and Uhodiransomwar, allegedly participated in conspiracies to deploy LockBit, Babuk, and Hive ransomware variants and transmitted ransom demands in connection with each. The attacks targeted law enforcement agencies, healthcare organizations, and other sectors, with total ransom demands amounting to as much as $US400 million, and victim ransom payments reaching up to $US200 million.

Matveev’s alleged involvement includes deploying LockBit ransomware against a law enforcement agency in Passaic County, New Jersey, in June 2020, deploying Hive against a nonprofit behavioral healthcare organization in Mercer County, New Jersey, in May 2022, and deploying Babuk against the Metropolitan Police Department in Washington, D.C., in April 2021.

Assistant Attorney General Kenneth A. Polite, Jr. emphasized the need for a coordinated response to such international cybercrimes, and U.S. Attorney Philip R. Sellinger for the District of New Jersey stated the charges serve as a reminder to cybercriminals that they will be brought to justice. U.S. Attorney Matthew M. Graves for the District of Columbia stressed the commitment to prosecute and punish offenses targeting key institutions and individuals.

The LockBit ransomware variant, which Matveev is accused of using, has executed over 1,400 attacks globally, issuing over $US100 million in ransom demands and receiving over $US75 million in ransom payments. Similarly, the Babuk ransomware variant has executed over 65 attacks, issuing over $US49 million in ransom demands and receiving as much as $US13 million in ransom payments. The Hive ransomware group, in which Matveev allegedly participated, has targeted over 1,400 victims worldwide and received as much as $US120 million in ransom payments.

The ransomware attacks generally involved gaining unlawful access to vulnerable computer systems, deploying the ransomware, encrypting and stealing data, sending ransom demands, and negotiating ransom amounts. Failure to pay often resulted in the public release of the victim’s data on data leak sites.

Matveev is charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. If convicted, he could face over 20 years in prison.

The case is being investigated by the FBI Newark Field Office’s Cyber Crimes Task Force, with assistance from various domestic and international partners. The Department of the Treasury’s Office of Foreign Assets Control has also designated Matveev for his role in launching ransomware attacks, and the Department of State is offering a reward of up to $US10 million for information leading to his arrest and/or conviction.


