Feds catch one other LockBit hacker, Justice Division declares

The Justice Division has arrested and charged a Russian nationwide for his alleged position in a number of LockBit ransomware assaults in opposition to victims within the U.S. and world wide.

Based on a felony grievance unsealed on Thursday, 20-year-old Ruslan Magomedovich Astamirov is accused of finishing up 5 cyberattacks between August 2020 and March 2023, 4 of which deployed the infamous LockBit ransomware.

“Astamirov allegedly participated in a conspiracy with different members of the LockBit ransomware marketing campaign to commit wire fraud and to deliberately harm protected computer systems and make ransom calls for by way of the use and deployment of ransomware,” the Justice Division stated.

Astamirov, a citizen of the Russian-controlled Chechen Republic, allegedly carried out assaults on two U.S.-based organizations, together with organisations headquartered in Japan, France and Kenya. Based on the grievance, at the very least one of many victims paid $700,000. One other sufferer refused to pay, and Astamirov allegedly uploaded the corporate’s information to LockBit’s public server.

LockBit first emerged as a ransomware-as-a-service (RaaS) operation in late-2019 and has since been utilized in roughly 1,800 ransomware assaults in opposition to sufferer programs in the US and worldwide. In an advisory revealed this week, U.S. cybersecurity officers stated that recognized LockBit assaults accounted for 16% of assaults on public entities, together with faculties, native governments and legislation enforcement companies, in 2022. 

Since January 2020, the LockBit group has been related to roughly $91 million in ransoms paid within the U.S., the advisory stated.

Astamirov, who was situated and arrested within the U.S. after legislation enforcement traced a portion of a sufferer’s ransom cost to a cryptocurrency handle beneath Astamirov’s management, has been indicted on fees of conspiracy to transmit ransom calls for, commit wire fraud, and deliberately harm protected computer systems. If discovered responsible, he might withstand 20 years in jail for the wire fraud cost and as much as 5 years in jail for the cost associated to damaging protected computer systems.

Astamirov is the third LockBit affiliate the U.S. Justice Division has charged within the final seven months. In November, officers charged 33-year-old Mikhail Vasiliev – described as “one of many world’s most prolific ransomware operators” – for his alleged involvement within the LockBit ransomware gang. Vasiliev is now in custody in Canada and awaiting extradition to the US.

In Might, the U.S. authorities additionally indicted U.S. Mikhail Matveev, recognized on-line as “Wazawaka” and “Boriselcin,” for allegedly appearing as a “central determine” in growing and deploying the Hive, LockBit and Babuk ransomware variants.

Because it emerged in 2019, LockBit has claimed a number of high-profile victims worldwide in latest months, together with the U.Okay. postal big Royal Mail, the federal government of Costa Rica, and monetary software program agency Ion Group. This week, LockBit additionally claimed duty for a cyberattack on Indian pharmaceutical big Granules India and revealed parts of the info it allegedly stole.