uTalk

thrive

Member

Registered: 2023-01-04

Posts: 2,018

In Arizona, a 20-year-old Russian LockBit Ransomware aff apprehended.

A Russian national was accused of helping spread the LockBit ransomware to targets in the US, Asia, Europe, and Africa by the US Department of Justice (DoJ), who unveiled the charges against him on Thursday.

20-year-old Ruslan Magomedovich Astamirov, a resident of the Chechen Republic, is charged with carrying out at least five attacks between August 2020 and March 2023. He was detained in Arizona last month.

The Department of Justice claimed that Astamirov "allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud, intentionally damage protected computers, and make ransom demands through the use and deployment of ransomware.".

Astamirov managed a number of email accounts, IP addresses, and other online accounts as part of his LockBit-related activities in order to distribute the ransomware and get in touch with the victims.

An unnamed victim's ransom payment was traced, according to law enforcement, to an Astamirov-controlled virtual currency address.

If found guilty, the defendant could receive a first-charge sentence of up to 20 years in prison and a second charge up to 5 years.

After Mikhail Vasiliev, who is presently awaiting extradition to the US, and Mikhail Pavlovich Matveev, who was indicted last month for his involvement in LockBit, Babuk, and Hive ransomware, Astamirov is the third person to be prosecuted in the US in connection with LockBit. Matveev is still on the loose.

In a recent interview with The Record, Matveev stated that the Federal Bureau of Investigation (FBI) decision to add his name to the Cyber Most Wanted list did not surprise him and that the "news about me will be forgotten very soon. ".

When asked about his affiliation with the now-defunct Hive operation, Matveev, who claimed to be self-taught, acknowledged it. He also expressed his desire to "take IT in Russia to the next level.". ".

The DoJ's announcement also comes a day after a joint advisory warning of the LockBit ransomware was released by cybersecurity authorities from Australia, Canada, France, Germany, New Zealand, the UK, and the US.

According to the ransomware-as-a-service (RaaS) business model, the core team of LockBit hires affiliates to conduct attacks against corporate networks on their behalf in exchange for a share of the illegally obtained profits.

The affiliates are known to use double extortion techniques by first encrypting victim data and then exfiltrating that data while threatening to post that stolen data on leak sites in an effort to pressure the targets into paying ransoms.

Since the group first appeared on the scene in late 2019, it is believed that it has carried out more attacks than 1,700, although the precise number is likely higher because the dark web data leak site only publishes the names and leaked information of victims who refuse to pay ransom.