Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 1375

20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona

by RealThreat - 17 June, 2023 - 07:17 PM
This post is by a banned member (RealThreat) - Unhide
3.319
Posts
170
Threads
2 Years of service
#1
(This post was last modified: 17 June, 2023 - 07:18 PM by RealThreat. Edited 1 time in total.)
[Image: hand.jpg]
 The U.S. Department of Justice (DoJ) on Thursday unveiled charges against

a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa.

Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least five attacks

between August 2020 and March 2023. He was arrested in the state of Arizona last month.
"Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud

and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware," the DoJ 
said.

Astamirov, as part of his LockBit-related activities, managed various email addresses, IP addresses, and other online accounts
to deploy the ransomware and communicate with the victims.

Law enforcement agencies said they were able to trace a chunk of an

unnamed victim's ransom payment to a virtual currency address operated by Astamirov.

The defendant, if convicted, faces a maximum penalty of 20 years in prison on the first charge and a

maximum penalty of five years in prison on the second charge.
Astamirov is the third individual to be prosecuted in the U.S. in connection with LockBit after 
Mikhail Vasiliev, who is currently

awaiting extradition to the U.S., and 
Mikhail Pavlovich Matveev, who was indicted last month for his

participation in LockBit, Babuk, and Hive ransomware. Matveev remains at large.
In a recent 
interview with The Record, Matveev said he was not surprised by the Federal Bureau of Investigation's (FBI) decision to

include his name in the 
Cyber Most Wanted list and that the "news about me will be forgotten very soon."
Matveev, who said he is self-taught, also admitted to his role as an affiliate for the now-defunct 
Hive operation, and professed his desire to "take IT in Russia to the next level."

 
The DoJ statement also comes a day after cybersecurity authorities from Australia, Canada, France, Germany,

New Zealand, the U.K., and the U.S. released a 
joint advisory warning of LockBit ransomware.
LockBit functions under the ransomware-as-a-service (RaaS) model, in which the core team recruits affiliates to carry out the

attacks against corporate networks on their behalf in return for a cut of the ill-gotten proceeds.
The affiliates are known to employ double extortion techniques by first encrypting victim data and then exfiltrating that data

while threatening to post that stolen data on leak sites in an attempt to
pressurize the targets into paying ransoms.
The group is estimated to have launched nearly 1,700 attacks since emerging on the scene in late 2019, although the exact number is believed t
o be higher since the dark web data leak site only reveals the names and leaked data of victims who refuse to pay ransoms.

News From 
https://thehackernews.com/2023/06/20-yea...mware.html
This post is by a banned member (Vaaderr) - Unhide
Vaaderr  
Registered
96
Posts
4
Threads
1 Year of service
#2
(17 June, 2023 - 07:17 PM)RealThreat Wrote: Show More
[Image: hand.jpg]
 The U.S. Department of Justice (DoJ) on Thursday unveiled charges against

a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa.

Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least five attacks

between August 2020 and March 2023. He was arrested in the state of Arizona last month.
"Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud

and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware," the DoJ 
said.

Astamirov, as part of his LockBit-related activities, managed various email addresses, IP addresses, and other online accounts
to deploy the ransomware and communicate with the victims.

Law enforcement agencies said they were able to trace a chunk of an

unnamed victim's ransom payment to a virtual currency address operated by Astamirov.

The defendant, if convicted, faces a maximum penalty of 20 years in prison on the first charge and a

maximum penalty of five years in prison on the second charge.
Astamirov is the third individual to be prosecuted in the U.S. in connection with LockBit after 
Mikhail Vasiliev, who is currently

awaiting extradition to the U.S., and 
Mikhail Pavlovich Matveev, who was indicted last month for his

participation in LockBit, Babuk, and Hive ransomware. Matveev remains at large.
In a recent 
interview with The Record, Matveev said he was not surprised by the Federal Bureau of Investigation's (FBI) decision to

include his name in the 
Cyber Most Wanted list and that the "news about me will be forgotten very soon."
Matveev, who said he is self-taught, also admitted to his role as an affiliate for the now-defunct 
Hive operation, and professed his desire to "take IT in Russia to the next level."

 
The DoJ statement also comes a day after cybersecurity authorities from Australia, Canada, France, Germany,

New Zealand, the U.K., and the U.S. released a 
joint advisory warning of LockBit ransomware.
LockBit functions under the ransomware-as-a-service (RaaS) model, in which the core team recruits affiliates to carry out the

attacks against corporate networks on their behalf in return for a cut of the ill-gotten proceeds.
The affiliates are known to employ double extortion techniques by first encrypting victim data and then exfiltrating that data

while threatening to post that stolen data on leak sites in an attempt to
pressurize the targets into paying ransoms.
The group is estimated to have launched nearly 1,700 attacks since emerging on the scene in late 2019, although the exact number is believed t
o be higher since the dark web data leak site only reveals the names and leaked data of victims who refuse to pay ransoms.

News From 
https://thehackernews.com/2023/06/20-yea...mware.html

Nice content, like to see it! [Image: hackerman.gif]
LIKE POST OR BAN[Image: bruh.gif]

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)