U.S. Officials Indict Russian Individual for $200 Million Ransomware Activities

  • Mikhail Pavlovich Matveev was affiliated with the Lockbit, Babuk, and Hive groups.
  • As per the DOJ, Matveev utilized various aliases when communicating online.

U.S. prosecutors have brought charges against a Russian individual alleged to have participated in multiple ransomware schemes. These schemes collectively generated approximately $200 million, predominantly in cryptocurrency. Ransomware attacks targeted hospitals, educational institutions, and even law enforcement agencies.

Mikhail Pavlovich Matveev was affiliated with the Lockbit, Babuk, and Hive groups. According to information from the Department of Justice, the groups have amassed around $200 million from victims after initially demanding over $400 million. The Department also noted that Matveev utilized various aliases when engaging with others online.

Confidential Data at Risk

Matveev faces accusations of being involved in the attacks on the Metropolitan Police Department in Washington, DC, in April 2021, and a New Jersey non-profit behavioral healthcare organization in May 2022, employing the Babuk ransomware.

In the earlier incident, the perpetrator and his associates threatened to expose confidential data while demanding payment. Since December 2020, the Babuk ransomware group has conducted at least 65 attacks worldwide, seeking a total of $49 million in ransom.

According to Bloomberg, in January 2022, cybersecurity journalist Brian Krebs disclosed that Matveev had acknowledged connections to the Darkside ransomware group. In 2021, Darkside executed a ransomware attack on the Colonial Pipeline, successfully extorting 63.7 from the company’s owners.

Since 2021, ransomware attacks have frequently utilized cryptocurrencies such as Bitcoin. Furthermore, unlike traditional banking transactions, Bitcoin transactions cannot be reversed by banks or governments, allowing hackers to demand payments while maintaining anonymity.