Alleged Russian hacker charged in $200 million ransomware spree: Report

Ransomware groups typically hack into computer networks and deploy malicious software that encrypts computers and makes them unusable

Ransomware attack

Photo: Bloomberg

Listen to This Article

By William Turton

A Russian man was charged by US authorities in connection with his alleged role with multiple ransomware gangs that attacked hospitals, schools and police departments. 
Mikhail Pavlovich Matveev, who was known online as Wazawaka, was an active member of three ransomware gangs that collectively demanded $400 million from victims and received nearly $200 million in ransom payments, according to the Department of Justice. 
Ransomware groups typically hack into computer networks and deploy malicious software that encrypts computers and makes them unusable. The groups demand extortion payments in cryptocurrency and threaten to leak stolen data online if the ransom is not paid. 

Matveev was allegedly a member of the Lockbit, Babuk and Hive ransomware gangs. Those groups are “ranked among the most active and destructive cybercriminal threats in the world,” Philip Sellinger, the US attorney for the district of New Jersey, wrote in an indictment. Matveev, along with other members of the ransomware gangs, attacked as many as 2,800 victims in the US and around the world, Sellinger wrote. 
The alleged victims include the Metropolitan Police Department in the District of Columbia, which was attacked with ransomware in 2021. The hackers proceeded to publish dozens of stolen personnel files. 

Also Read

Cyber criminals accessed staff data in ransomware attack: The Guardian

Ransomware attack on AIIMS a conspiracy, planned by forces: Chandrasekhar

WannaCry to SamSam: 5 biggest ransomware attacks you need to know about

Hackers release sensitive information after ransomware attack on CommScope

Hive Ransomware seized after a global sting by US-German law enforcement

Death rate gap between Black, White Americans hits a 20-year high

Russian firms investing rupee surplus in Indian govt debt: IBA chief

Warren Buffett's Berkshire reworks banking bets amid turmoil, exits TSMC

OpenAI CEO Sam Altman proposes licences for building AI to US Congress

Bangladesh govt takes back 'extra security' to India, 3 other envoys

The groups also targeted churches and nonprofits, the Department of Justice said. 
Matveev’s identity was previously revealed by cybersecurity journalist Brian Krebs in January 2022. At the time, Krebs reported that Matveev had claimed affiliation with the Darkside ransomware group, which claimed responsibility for the attack on Colonial Pipeline Co. in May 2021. 

“From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. 
In addition the the indictment, Matveev was sanctioned by US Department of the Treasury’s Office of Foreign Assets Control “for his role in launching ransomware attacks against US law enforcement, businesses, and critical infrastructure,” the Department of Justice said in a press release. 

First Published: May 16 2023 | 11:35 PM IST

Explore News