UPDATED 19:44 EDT / JUNE 15 2023

SECURITY

Russian man arrested for alleged involvement with LockBit ransomware gang

A Russian national has been arrested in Arizona on charges alleging that he was involved in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa.

The LockBit ransomware gang, which first emerged in 2020, operates on a ransomware-as-a-service model in which affiliates use already developed ransomware to execute attacks. Since then, LockBit has regularly ranked among the most prolific ransomware groups and was named the most active threat actor in January.

The Russian national, Ruslan Magomedovich Astamirov, is alleged by the Department of Justice to have been involved in five separate ransomware attacks between August 2022 and March 2023, including four done as an affiliate of LockBit.

As part of his LockBit-related activities, Astamirov is alleged to have owned, controlled and used a variety of email addresses, Internet Protocol addresses and other online provider accounts that allowed him and his co-conspirators to deploy LockBit ransomware and to communicate with their victims. In a detail that suggests how investigators eventually found him, law enforcement was able to trace a portion of a victim’s ransom payment in one of the LockBit attacks to a cryptocurrency address under Astamirov’s control.

“This LockBit-related arrest, the second in six months, underscores the Justice Department’s unwavering commitment to hold ransomware actors accountable,” Deputy Attorney General Lisa O. Monaco said in a statement. “In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the department has once again demonstrated the long arm of the law. We will continue to use every tool at our disposal to disrupt cybercrime and while cybercriminals may continue to run, they ultimately cannot hide.”

The previous arrest occurred in Ontario, Canada, in November and involved dual Russian and Canadian national Mikhail Vasiliev. As with the allegations against Astamirov, Vasiliev was accused of participating in LockBit campaigns, intentionally damaging protected computers and transmitting ransom demands.

Astamirov has been charged with conspiring to commit wire fraud and with conspiring to intentionally damage protected computers and to transmit ransom demands. If convicted, he faces a maximum penalty of 20 years in prison on the first charge and a maximum penalty of five years in prison on the second charge.
