US Authorities Arrested a Russian Citizen Who Is Associated with the Distribution of LockBit Ransomware

Ruslan Magomedovich Astamirov, a 20-year-old Russian citizen, has been arrested in Arizona and the U.S. Department of Justice says he is charged with injecting LockBit ransomware on victim networks both in the U.S. and abroad.

According to the released documents, the suspect was allegedly involved in the LockBit attacks between August 2020 and March 2023.

Allegedly, Astamirov was conspiring with other members of the LockBit ransomware campaign to commit wire fraud and deliberately damage protected computers, with the demand of a ransom through the use and deployment of ransomware. In particular, Astamirov directly carried out at least five attacks on the computer systems of victims in the US and abroad.according to the US Department of Justice.

Astamirov is charged with conspiracy to transfer ransom demands, wire fraud and intentionally damaging secure computers.

If found guilty, he could face up to 20 years in prison on charges of wire fraud and up to five years in prison on charges of damaging secure computers.

I note that Astamirov has become the third LockBit “partner” to be charged by the US Department of Justice over the past seven months. So, in November 2022, 33-year-old Russian citizen Mikhail Vasiliev was arrested in Canada. It has also been linked to LockBit ransomware attacks that affected “critical infrastructure and large industrial plants around the world.”

After that, in May 2023, charges were brought against Mikhail Matveev (also known as Wazawaka, m1x, Boriselcin and Uhodiransomwar). It has been linked to the deployment of LockBit, Babuk, and Hive ransomware to networks of organizations in the US and beyond.

It is also worth noting that earlier this week law enforcement from the US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Interstate Information Sharing and Analysis Center (MS-ISAC), as well as cybersecurity specialists from Australia, Canada, the UK, Germany, France and New Zealand have published a security bulletin on preventing LockBit attacks.

According to this document, LockBit has carried out about 1,700 attacks since 2020, and it cost nearly $91 million in ransoms alone to US victims. In addition, approximately one in six ransomware attacks targeting US government agencies in 2022 were linked to LockBit.

Each country provided its own statistics illustrating the frequency of LockBit attacks. Australia noted that last year, this group accounted for 18% of the total number of recorded extortion incidents. At the same time, in Canada and New Zealand, LockBit is responsible for one in five attacks.

France said that 11% of attacks since 2020 have been linked to LockBit, but noted that in some cases it was not possible to confirm or deny that victims’ networks were hacked, and the statistics are partly based on publications on the hackers’ website.

In the US, the group accounted for 16% of attacks against government agencies, including municipal and county governments, universities and schools, and emergency services, including law enforcement.

Let me remind you that information security specialists also reported that A Dissatisfied Developer Leaked the LockBit Ransomware Builder to the Public.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button