US DoJ charges Russian national with ransomware attacks against critical infrastructure in the US and elsewhere
The United States has charged a Russian national with carrying out ransomware attacks against critical infrastructure.
The US Department of Justice (DoJ) announced on Tuesday that Mikhail Pavlovich Matveev (aka Wazawaka, aka m1x, aka Boriselcin, aka Uhodiransomwar) had allegedly attacked law enforcement agencies in Washington DC and New Jersey, as well as other victims worldwide.
The two unsealed indictments charge Matveev with using three different ransomware variants to attack numerous victims throughout the United States, and in a sign of how much the US wants to catch him, the US Department of State has announced an award of up to $10 million for information that leads to his arrest and/or conviction.
So why does the US want Matveev so badly?
Well, according to the DoJ, from at least as early as 2020, Matveev allegedly participated in conspiracies to deploy three ransomware variants.
These variants are known as LockBit, Babuk, and Hive, and Matveev transmitted ransom demands in connection with each. The perpetrators behind each of these variants, including Matveev, have allegedly used these types of ransomware to attack thousands of victims in the United States and around the world.
These victims include law enforcement and other government agencies, hospitals, and schools.
The US said that total ransom demands allegedly made by the members of these three global ransomware campaigns to their victims amount to as much as $400 million, while total victim ransom payments amount to as much as $200 million.
“From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division.
“These international crimes demand a co-ordinated response,” said Polite Jr. “We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”
Among the attacks that Matveev allegedly carried out was an attack alongside his LockBit co-conspirators against a law enforcement agency in Passaic County, New Jersey.
On 26 April 2021, Matveev and his Babuk co-conspirators allegedly deployed Babuk against the Metropolitan Police Department in Washington, DC.
Matveev is charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers.
If convicted, he faces over 20 years in prison.
Don’t give a ****
CNN quoted Azim Khodjibaev, senior threat analyst at Cisco Talos, who has tracked Matveev for years, saying that Matveev lives in the Russian enclave of Kaliningrad and regularly visits the Russian city of St. Petersburg.
Asked for comment by CNN on Twitter, Matveev replied with a video of a Russian man repeating the phrase, “I don’t give a f*** at all.”
With no extradition agreement between the US and Russia, and relations between Moscow and the rest of the world at an all-time low due to Russia’s illegal invasion of Ukraine, there is little chance that Matveev will end up in a US courtroom.
However, the temptation of a $10m reward for information leading to his arrest or conviction may persuade some of his acquaintances to assist US authorities.