A citizen of Chechnya (the republic of the Russian Federation) was arrested in the state of Arizona (USA) last month for allegedly hacking the network with the LockBit ransomware.
The US Department of Justice (DoJ) has just announced charges against a Russian citizen in connection with the deployment of LockBit ransomware in targets to the US, Asia, Europe, and Africa.
According to TheHackerNews, Ruslan Magomedovich Astamirov (20 years old) is accused of carrying out at least five attacks between August 2020 and March 2023
The DoJ said Astamirov allegedly joined other members in the LockBit ransomware campaign to commit fraud and intentionally damage protected computers, making money requests. ransom through the use and deployment of ransomware.
The hacker manages multiple email addresses, IP addresses, and other online accounts to deploy ransomware and communicate with victims as part of LockBit malware-related operations. US law enforcement says it is possible to trace the amount of an anonymous victim’s ransom payment to a digital wallet managed by Astamirov
If convicted, Astamirov faces a maximum penalty of 20 years in prison for the first count and five years in prison for the second. This is the third individual to be prosecuted in the US concerning LockBit. Before that were Mikhail Vasiliev, who is currently awaiting extradition to the US, and Mikhail Pavlovich Matveev, who was indicted in absentia last month for his participation in the LockBit, Babuk, and Hive ransomware.
In a recent interview with The Record, Matveev said he was not surprised by the decision of the US Federal Bureau of Investigation (FBI) to put his name on the most wanted list online. He believes that the news about him will soon be forgotten. Matveev also acknowledged his role as an affiliate of the Hive operation and expressed his desire to take IT in Russia to the next level.
The DoJ’s announcement comes a day after cybersecurity agencies from Australia, Canada, France, Germany, New Zealand, the UK, and the US issued a joint warning about the LockBit ransomware.
This is ransomware operating under a service model (RaaS), the core group recruits affiliates to carry out attacks on the corporate network on their behalf, in exchange for a portion of the nefarious proceeds. Affiliates often encrypt victim data, followed by threatening to post stolen data on leaked websites to pressure targets to pay the ransom.
The organization LockBit estimates that it has carried out nearly 1,700 attacks since its inception in late 2019. However, the exact number is believed to be higher because data leak websites often only reveal names and compromised data. leaks of victims who refuse to pay the ransom